Defcon heats up with smart thermometer ransomware

ransomware defcon smart thermometer iotthermom
Being hit by ransomware can be devastating and expensive for those affected by the encrypting malware, but it’s not just files and folders that are being targeted by it. As the Internet of Things (IoT) expands into many new connected devices, ransomware is able to go after them too, and smart thermometers are the latest kit found to be vulnerable to such attacks.

Fortunately this is one of those cases where the researchers proved it as a concept before it was seen in the wild, which at least keeps us a little ahead of the curve. UK based security researchers, Andrew Tierney and Ken Munro, both demonstrated this potential avenue of attack at the DefCon security conference in Las Vegas this week.

Together they became the first people to apply ransomware to a smart thermometer, which essentially operates like a small Linux box (thanks NextWeb) with a temperature sensor and some networking capabilities. The one in this case is also able to accept wallpapers and config settings from an SD card, which is what Tierney and Munro used to infect it with ransomware.

When enabled, the attack blocked all access to the thermometer’s functionality, covering it in a background which read: “Ha! You Suck! Pay 1 Bitcoin to get control back.” It doesn’t take much of a stretch of the imagination to understand how that might then direct an affected user to send that Bitcoin to a specific address.

Fortunately, putting the ransomware on this IoT device did require physical access to the SD card slot, but once it was infected, it was possible to take control via remote shell and IRC.

That is only the case for this brand and model of thermometer though, there are many other IoT devices that could potentially be infected remotely and though this is a proven vector and those are more hypothetical, the potential for ransomware expansion beyond desktops and laptops is very real.

So much so in fact, that the director of national intelligence, James Clapper, recently warned IoT devices could be used to monitor people in their own homes.


Keep your driving record squeaky clean with these top-flight radar detectors

Nobody likes getting a speeding ticket, but these gadgets can help. Check out our picks for the best radar detectors on the market, from the likes of Valentine One, Escort, and Beltronics.
Home Theater

From the Roku Ultra to the Fire TV Cube, these are the best streaming devices

There are more options for media streamers than ever, so it’s more difficult to pick the best option. But that’s why we're here. Our curated list of the best streaming devices will get you online in no time.

24 must-have apps for rooted Android phones and tablets

Rooting your Android device opens up a world of possibilities, along with a few apps. Here are 24 of our favorites, so you can make the most of your rooted device and unleash the true power of Android.
Home Theater

Here are some common AirPods problems, and how to fix them

Apple’s AirPods are among the best fully wireless earbuds we’ve seen, but they’re not perfect. If you’re having trouble, take a look at our guide to the most common problems and what you can do to fix them.

You don't have to spend a fortune on a PC. These are the best laptops under $300

Buying a laptop needn't mean spending a fortune. If you're just looking to browse the internet, answer emails, and watch Netflix, you can pick up a great laptop at a great price. These are the best laptops under $300.

Dodge the biggest laptop-buying mistakes with these handy tips

Buying a new laptop is exciting, but you need to watch your footing. There are a number of pitfalls you need to avoid and we're here to help. Check out these top-10 laptop buying mistakes and how to avoid them.

Amazon sale knocks $200 off the price of 13-inch MacBook Pro with Touch Bar

If you always wanted to buy a MacBook Pro but found it a bit too expensive, now is your chance to save. A base version of the 13-inch MacBook Pro with Touch Bar is currently on sale at Amazon for $1,600.

Keep your laptop battery in tip-top condition with these handy tips

Learn how to care for your laptop's battery, how it works, and what you can do to make sure yours last for years and retains its charge. Check out our handy guide for valuable tips, no matter what type of laptop you have.

Is it worth spending more for the Surface Pro, or is the Surface Go good enough?

The Surface Go vs. Surface Pro — which is better? While the higher price tag of one might make you think it's an easy choice, a deeper dive into what each offers makes it a closer race than you might assume.

Apple’s 4K 21.5-inch iMac is now $200 off if you pre-order it

Apple's new iMacs are now available and if you pre-order one from B&H you can get the midrange version for $200. That's a near 20-percent saving on one of the most competitive configurations.
Emerging Tech

Microsoft’s latest breakthrough could make DNA-based data centers possible

Could tomorrow's data centers possibly store information in the form of synthetic DNA? Researchers from Microsoft have successfully encoded the word "hello" into DNA and then back again.

Own an Asus computer? Malware might be hiding in your system

If you own an Asus computer, your system might have been infected by malware distributed from the tool you typically use to update the BIOS and install other security patches, according to a new report by cybersecurity firm Kaspersky Lab.

The new Windows 10 File Explorer could look like this in 2020

Microsoft may update Windows 10's File Explorer to adopt Fluent Design principles in an upcoming 2020 update. A report suggests that we'll get our first glimpse at the new-look explorer in upcoming Windows Insider builds.

Hands-on with Microsoft Chromium Edge: A first look at the early release

We installed a preview of Edge Chromium, and there's now a lot that makes it feel Chrome, but there are also some similarities to the old Edge. So, is the new Chromium Edge the best browser ever? Here's a hands-on look.