Skip to main content

Mi-Cam baby monitors are easily hackable, so you may want to turn yours off

Hijacking of arbitrary miSafes Mi-Cam video baby monitors

You may depend upon your baby monitor to keep an eye on your precious little one, but a newly discovered vulnerability suggests that parents may not be the only ones watching their children. As per a warning from Austrian cybersecurity company SEC Consult, it would appear that the Mi-Cam baby monitor is susceptible to “multiple critical vulnerabilities which include unauthenticated access and hijacking of arbitrary video baby monitors.”

Recommended Videos

Around 50,000 folks are estimated to have Mi-Cams in their homes, and it would seem that any of them could fall prey to hackers. Ill-intentioned actors can allegedly hack into Mi-Cams and use them to spy on just about anything the cameras can see.

Please enable Javascript to view this content

SEC Consult claims that it has tried to contact MiSafe, the company behind the Mi-Cam, to warn it against the potential vulnerabilities. Unfortunately, the security firm says that it has received no answer, and consequently, is urging customers to turn off the Mi-Cams in order to protect themselves.

In order to hack into the Mi-Cam, an attacker would simply need to set up a proxy server capable of intercepting and modifying an HTTP request between a smartphone and device. In this way, attackers would be able to check out Mi-Cam footage without ever entering a password on the device’s companion app. Moreover, SEC Consult claims that there are several APIs that helped them attain information on how to connect to the Mi-Cam cloud network and actually toy with the baby monitor.

As Johannes Greil, head of the SEC Consult Vulnerability Lab noted, “Information retrieved by this feature is sufficient to view and interact with all connected video baby monitors for the supplied [user ID].” Apparently, user IDs were also quite easy to guess.

In SEC Consult’s white-hat hacking efforts, they were able to completely automate the interception of content between the Mi-Cam and its cloud server, which made it easy to effectively set up a standing live-stream of video feeds.

Getting these (among other) issues resolved has proven to be a challenge, especially as it is not entirely clear as to who is responsible for Mi-Cams. While MiSafe is the actual creator of the device, QiWo Smartlink Technology seems to have the rights to the technology. Forbes reports that QiWo is indeed responsible for software updates, and that the company will be reaching out to the Securities Exchange Commission (SEC) in order to address security issues as soon as possible.

Luckily, it would appear that Mi-Cams are no longer in production, which means that you can no longer buy these faulty baby monitors. But if you’re one of the 50,000 or so individuals who already have one of these cameras, you’ll likely want to turn them off for the time being.

Lulu Chang
Former Digital Trends Contributor
Fascinated by the effects of technology on human interaction, Lulu believes that if her parents can use your new app…
You can still get this PowerSmart snow blower for just $100 for Cyber Monday
The PowerSmart 18-inch Corded Snow Blower.

No one wants to be stuck with a snow-covered driveway this winter, especially when you know you’ll have to throw on boots to shovel it. That’s why we’re glad to have come across this solid Cyber Monday promotion for a PowerSmart snow blower: Right now when you order the PowerSmart 18-inch Corded Snow Blower on Amazon, you’ll only pay $100 for Cyber Monday. At full price, this model sells for $170, making now the best time to stock up on a tool you'll definitely be thanking yourself later for this winter.

Why you should buy the PowerSmart 18-inch Corded Snow Blower
When it comes to snow eradication, the PowerSmart Snow Blower has got you covered. This hand-pushed blower has a 17-inch clearing width and a 30-foot throw distance and can tackle up to six inches of snow. Plowing up to 800 pounds per minute, you’ll be able to tackle snow buildup on driveways, walkways, and around the mailbox with ease! And because you don’t have to worry about battery power, the PowerSmart’s 15-amp motor delivers top plug-in performance at all times.

Read more
Quick! This air fryer is just $16 for Walmart’s Cyber Monday sale event
The Cshid Air Fryer on a white background.

Cyber Monday deals are happening right now and we’re not convinced there’s a cheaper air fryer deal around than the one at Walmart. Today, you can buy a Cshid Air Fryer for just $16, which means you’re saving a huge $44 off the regular price of $60. $16 for an air fryer is unbelievable value and perfect if you’re just trying out air frying for the first time ever. It's pretty much the best Cyber Monday air fryer deal around and easily puts it into impulse buy territory for the sale event. Here’s what it provides, but at this exclusive price for Cyber Monday -- just buy it. You won’t regret it.

Why you should buy the Cshid Air Fryer
Considerably cheaper than the best air fryers under $100, we’re not counting on the Cshid Air Fryer beating the best air fryers, but it’s still an ideal starting point.

Read more
Cyber Monday discounts: Certain Yeti gear is 20% off today
A woman using the Yeti 35oz Rambler with Handle and Straw Lid.

Who wants to carry around a boring plastic thermos this holiday season? Certainly not any of you dedicated deals hunters! We’ve been tracking Cyber Monday markdowns, and we’re pleased to inform you that everyone’s favorite beverage-adjacent brand, Yeti, is offering solid discounts on Amazon for the annual savings event:

Right now, when you purchase the Yeti Rambler 46oz Bottle on Amazon, you’ll only pay $44. And if you order the Yeti Rambler 35oz Tumbler with Handle and Straw, you’ll only pay $34. That's a 20% discount on both.
Yeti Rambler Bottle -- $44 $55 20% off

Read more