Skip to main content
  1. Home
  2. Smart Home
  3. News

Internet-connected hot tubs can be hacked and controlled remotely

AJ Dellinger
By
Lars Plougmann/Flickr

Hot tubs are supposed to be a great way to relax, but that’s a little harder to do when you aren’t in control of them. Thousands of hot tubs running a system made by Balboa Water Group have exploits that can be hacked to allow malicious actors to remotely control them, according to a recent report from the BBC.

The issue, discovered by security researchers at the U.K.-based security firm Pen Test Partners, stems from lapses in a mobile app that enables hot tub owners to control their tubs from their phone. Attackers could theoretically gather information found on public resources to find homes with the vulnerable hot tubs and target them. The malicious actors could use third-party databases to find the GPS location data of a given tub and hijack it. There is no authentication that would prevent the attackers from getting into the system.

Recommended Videos

Once the attackers have picked their target, they can assume control of the tub remotely. That means they can make the temperature hotter or colder, take over the pumps and jets, and change the lights. The entire attack can be carried out over a smartphone or laptop.

Related

According to the BBC, Balboa Water Group was caught off guard by the report and said it was “surprised” to learn of the vulnerability. The mobile app that gives users the ability to remotely control their hot tub has been available for about five years and users have never reported any issues or hacking attempts, according to the company.

Balboa Water Group is in the process of addressing the security flaw and plans to have it patched up by the end of February — which is a long time to leave a known flaw unpatched and available to exploit. The company is working with its customers to set up individual usernames and passwords so they can secure their apps. It previously opted not to have users set up personal accounts because it wanted to simplify the activation process. While that might have made things more convenient, the decision also exposed users to having their personal time in the hot tub interrupted by hackers.

Editors' Recommendations

Topics
AJ Dellinger
AJ Dellinger
Contributor
AJ Dellinger is a freelance reporter from Madison, Wisconsin with an affinity for all things tech. He has been published by…
Your whole life can be connected to the Internet of Things with SensePeanut
sensepeanut iot

Your whole life might be getting a lot more connected. As the Internet of Things continues to permeate seemingly every aspect of our existence, we're now being introduced to the latest participants to enter the fray. Meet SensePeanut, described as an "innovative range of smart, intuitive sensors designed to bring affordable, easy-to-use connected life functionality to the masses."

These series of individual sensor tags are each meant to "perform, monitor, or track" an element of your livelihood, all for just $29 each.

Read more
Wait a minute, Doc. Are you telling me you built a hot tub, out of a DeLorean?
back to the future hot tub delorean super fan builds hovertub

There aren't many cars as iconic as the DeLorean that doubled as a time machine in Back to the Future, so it's no surprise that a DeLorean has appeared in a new guise on Super-Fan Builds, but where this one's going, it doesn't need roads, it just needs a lot of water.

Super-Fan Builds sees some of the movie industry's greatest prop makers come together to perform a Pimp My Ride-style makeover/re-creation of some object from nerd-dom for a superfan. This time around, they opted to turn a DeLorean into a hot tub for a Back to the Future superfan named Brandon.

Read more
Golchi can keep your drinks hot, cold, or both at the same time
golchi water bottle screen shot 2016 06 18 at 4 54 30 pm

Sometimes what you really need to go with your piping-hot coffee is a glass of ice-cold water. But finding a way to take those two on the go together can be something of a challenge. That no longer a problem, however, with Golchi. Meet the versatile bottle that allows you to carry two beverages at the same time, even if they’re at drastically different temperatures. Thanks to its vacuum-insulated compartments, your cold drinks will stay icy for 24 hours, even as you hot drinks remain hot temperature for up to 12 hours. And don’t worry -- a temperature gauge will keep you from taking a giant swig of either by accident.

Recently launched on Kickstarter, you can use Golchi in a variety of drinking situations. The modular design of this next-level bottle means that you can have a big thermos, a little water bottle, or become two bottles all in one. And thanks to its separate dry storage compartment, you can even bring solids along for the ride, whether that’s medicine, food, or protein powder.

Read more