1. Smart Home

Hackers may attack home networks through Philips Hue smart bulbs vulnerability

By

Security researchers discovered a vulnerability in the Philips Hue smart bulbs that may allow hackers to infiltrate a home’s network.

Cybersecurity firm Check Point revealed the exploit through a blog post, where it detailed the method of attack that hackers may use to take advantage of the bug.

The first step in the hack, which is made possible by a remote exploit in the ZigBee low-power wireless protocol that is used on many smart home devices, is for the hacker to take control of one Philips Hue smart bulbs. By adjusting the bulb’s color and brightness, the victim will be tricked into thinking that it is glitching out.

The smart bulb will appear as “unreachable” in the Philips Hue control app, so the victim will likely try to reset it by deleting the bulb and then reconnecting it to the app. Once the infected bulb is back online, the hacker will flood its control bridge with malware through the ZigBee exploit, then infiltrate the home network where the bridge is attached to spread ransomware and spyware, among other things.

The hack requires the victim to take action on a malfunctioning Philips Hue smart bulb, which has a good chance of happening due to the visibility of a flickering light bulb. The researchers already reached out to Signify, the parent company of Philips Hue, in November 2019 to provide information about the vulnerability, which has already been patched up in firmware version 1935144040.

Philips Hue smart bulb owners are recommended to check the software update section of the Philips Hue control app to make sure that the latest version of the software has been installed. It should not be an issue if automatic updates are enabled, otherwise, owners will need to manually download the new firmware version.

Check Point, in a joint decision with Signify, further delayed the release of the full technical details of the vulnerability. This delay is intended to give people sufficient time to update their Philips Hue smart bulbs, in order to protect themselves from hackers trying out the attack especially after its full details are eventually released by Check Point.

Editors' Recommendations

Philips Hue smart light app revamped, adds geofencing capabilities

philips hue smart light app geofencing new

7 things you didn’t know smart lights could do

lightstory portable smart touch bluetooth speaker led lamps dtdeals lamp

Wyze Floor Lamp Review: Slick design, could use more smarts

Wyze Floor Lamp desk

Apple’s rumored TV box confirms convergence is the key to the smart home

Apple TV

Best cheap oven deals for June 2021

cooking on the frigidaire gallery fgif3036tf induction range self cleaning oven 1

Best cheap Dyson vaccum and fan deals for June 2021

dyson v11 torque vacuum deal drive 2 resized

Best cheap air fryer deals for June 2021: Instant Pot, Ninja, and Dash

bella pro cuisinart chefman instant vortex plus air fryer deals amazon best buy early memorial day sales 6 in 1

Best cheap air purifier deals for June 2021

best air purifier deals germ guardian ac5350b

Best cheap home security camera deals for June 2021: Arlo, Nest, Ring, EZVIZ

Arlo Pro 2 Cheap Home Security Camera

Best cheap Keurig deals for June 2021

amazon daily deal keurig k475 single serve k cup pod coffee maker 4

Best cheap robot vacuum deals for June 2021: Roomba, Eufy, Deebot

roborock s6 robot vacuums amazon deals pure vacuum living room family couch

Best cheap office chair deals for June 2021

staples offering best deals on select printers office chairs plus free shipping chair

Best cheap Nespresso deals for June 2021

Breville-Nespresso USA Nespresso Creatista Plus Coffee Espresso Machine