Skip to main content
  1. Home
  2. Smart Home
  3. News

Hackers may attack home networks through Philips Hue smart bulbs vulnerability

By

Security researchers discovered a vulnerability in the Philips Hue smart bulbs that may allow hackers to infiltrate a home’s network.

Recommended Videos

Cybersecurity firm Check Point revealed the exploit through a blog post, where it detailed the method of attack that hackers may use to take advantage of the bug.

Related

The first step in the hack, which is made possible by a remote exploit in the ZigBee low-power wireless protocol that is used on many smart home devices, is for the hacker to take control of one Philips Hue smart bulbs. By adjusting the bulb’s color and brightness, the victim will be tricked into thinking that it is glitching out.

The smart bulb will appear as “unreachable” in the Philips Hue control app, so the victim will likely try to reset it by deleting the bulb and then reconnecting it to the app. Once the infected bulb is back online, the hacker will flood its control bridge with malware through the ZigBee exploit, then infiltrate the home network where the bridge is attached to spread ransomware and spyware, among other things.

The hack requires the victim to take action on a malfunctioning Philips Hue smart bulb, which has a good chance of happening due to the visibility of a flickering light bulb. The researchers already reached out to Signify, the parent company of Philips Hue, in November 2019 to provide information about the vulnerability, which has already been patched up in firmware version 1935144040.

Philips Hue smart bulb owners are recommended to check the software update section of the Philips Hue control app to make sure that the latest version of the software has been installed. It should not be an issue if automatic updates are enabled, otherwise, owners will need to manually download the new firmware version.

Check Point, in a joint decision with Signify, further delayed the release of the full technical details of the vulnerability. This delay is intended to give people sufficient time to update their Philips Hue smart bulbs, in order to protect themselves from hackers trying out the attack especially after its full details are eventually released by Check Point.

Editors’ Recommendations

Topics
Aaron Mamiit
Aaron Mamiit
Contributor
Aaron received an NES and a copy of Super Mario Bros. for Christmas when he was four years old, and he has been fascinated…
Philips unveils new Hue Go lamp, Tap switch, and app upgrades
Philips Hue Go Lamp on a patio table where friends are sitting together at night.

Philips Hue took the wraps off several new smart lamps and upgrades, including a portable lamp, a new twist on its physical switch, new indoor downlights, and a smattering of other upgrades.

The new Philips Hue Go lamp offers a lot of the same features as the previous generation packed into a new form factor. A wireless charging base lets you grab it and go with minimal fuss. The stem has a grip to help you move it around while a single button cycles through different scenes. The standalone runtime on the lamp is 48 hours. Expect to see this one on store shelves by the end of the summer for $160.

Read more
Enhancing a vacation home with smart tech
Multiple colored hue lights on inside a living room

Summer is nearly here and it's the perfect time to take a trip and relax. That's right, vacation season is upon us. People are heading to the beach or away from the sweltering heat to something cooler. If you're lucky enough, you may have a separate vacation home that you can stay at for a few weeks or months throughout the year.

Now, you might have some smart home devices in your current or main home where you're currently residing. Some of those devices will overlap with what you'd want at your vacation home, but some can be more specific to account for the shorter amount of time you'll be staying there. Let's go over all those devices worth adding to a vacation home.
Security

Read more
CBS is wrong. Hackers are unlikely to burglarize a smart home
Person using the Wyze Lock Bolt finger scanner to open the door.

Yesterday, CBS New York ran a piece on how smart devices can leave your home open to security threats.

The second line particularly stands out to me: "Even your light bulbs could leave you vulnerable."

Read more