Those fears, to an extent, have been found accurate. It was recently discovered that a vulnerability within the Android app of Belkin’s WeMo-branded IoT devices allowed hackers to gain access to phones connected to the devices. This included being able to take images from the phones and even track the phone’s movements, according to Motherboard.
The revelation comes from Scott Tenaglia and Joe Tanen, of Invincea Labs. The two security researchers discovered the security issue in the WeMo app, allowing them access to things they should not have had access to. For their part, Belkin notes the bug in the app was fixed in August, though the vulnerability in the WeMo devices still exists. Belkin says a manual update for the appliance is coming soon.
There is no need to rush and turn off all of your WeMo devices, but this is yet another reminder that security has been a bit lax for some IoT devices. The convenience of controlling everything in your home from the coffee maker to the heater with your phone is appealing but as has been demonstrated here, the security holes can leave you in a troublesome situation.
This particular issue seems to be resolved, with Belkin fixing the app exploit and updating the devices to close the security flaw. It also may have been a situation where someone was on the same network as all the devices too. But the fact remains, this will not be the last time we hear about IoT device security issues.
Editors' Recommendations
- Yes, China is probably watching us through our IoT devices
- Insulin pumps recalled for vulnerability; concerns raised over medical IoT hacks
