Skip to main content
  1. Home
  2. Smart Home
  3. News

Thousands of Belkin WeMo devices may be vulnerable to hackers: UPDATED

By

UPDATE: Belkin has now released a fix for the security issues mentioned below. To remedy the issue, Belkin urges WeMo users to download the latest app from the App Store (version 1.4.1) or Google Play Store (version 1.1.2) and then upgrade the firmware version through the app. Find more information here

According to a recently-released study from security research firm IOActive, nearly half a million Belkin WeMo devices may be vulnerable to attackers.

Recommended Videos

In a number of different experiments, the WeMo line – which includes things like remotely-controlled switches, plugs, and motion sensors for home automation – was shown to have a variety of different security flaws that give hackers the ability to:

  • Remotely control WeMo devices over the Internet
  • Perform malicious firmware updates
  • Remotely monitor devices
  • Access an internal home network

Obviously, this is bad news for Belkin, but it’s even worse news for anyone who currently has a WeMo device in their house. If these vulnerabilities are legitimate, it means that once attackers have compromised a device, they’re free to remotely turn WeMo-connected appliances on or off at will. Depending on the gear users have connected to their WeMos, this could lead to something as harmless as some wasted electricity, or as dangerous as a house fire. On top of that, WeMo motion sensors could be used to remotely monitor a house. This could make a home an easy target for tech-savvy burglars who can use a compromised WeMo to determine when people are in that house, and when they aren’t.

Additionally, once an attacker has established a connection to a WeMo device within a victim’s network, the compromised device can be used as a foothold to attack other devices on your home network – including things like laptops, mobile phones, network-attached storage, or home automation devices. 

Mike Davis, IOActive’s principal research scientist, had this to say about the findings: 

“As we connect our homes to the Internet, it is increasingly important for Internet-of-Things device vendors to ensure that reasonable security methodologies are adopted early in product development cycles. This mitigates their customer’s exposure and reduces risk.”

We couldn’t agree more.

IOActive has reached out to Belkin for comments on the issue, but has yet to receive a response. For the time being, we recommend that you unplug any WeMo devices you may own and check back for updates.

We’ll keep you posted should any security patches be released.

[via Help Net Security]

Topics
Drew Prindle
Drew Prindle
Former Digital Trends Contributor
Drew Prindle is an award-winning writer, editor, and storyteller who currently serves as Senior Features Editor for Digital…
Elevate your home’s ambiance with Nanoleaf Skylight – now on sale at Best Buy
modular smart home lighting on ceiling

If you’re looking for a sleek and modern way to brighten up your space, the Nanoleaf Skylight Smart LED Flush Mount might be the perfect solution. Best Buy is offering a price-drop on this innovative modular ceiling light (originally priced at $250, now priced at $199), making it easier than ever to update your home with smart, customizable lighting.
Nanoleaf Skylight: A Modular, Color-Changing Ceiling Light

The Nanoleaf Skylight leverages modular panel design to take smart home lighting to the next level. We love this design because it helps you create a custom layout to fit your space. Whether you want a single panel or a full skylight effect, the flush-mounted fixture delivers evenly diffused lighting with over 16 million colors and tunable white settings.

Read more
The SwitchBot Roller Shade is fantastic, but its installation is a chore
Two people putting up the Roller Shade

The SwitchBot Roller Shade launched earlier this year, offering an affordable alternative to customized, professionally installed products. This type of smart shade can cost thousands of dollars, whereas the SwitchBot Roller Shade starts at just $200. I've spent the last few weeks with the product -- and while the process of getting it sized and placed in my windows was an absolute headache, it's become a welcome addition to my smart home.

If you're seeking a reliable and affordable way to bring smart blinds into your home, the SwitchBot Roller Shades are an easy recommendation. Installation might be a chore, but once they're up and running, you won't want to take them down.
Frustrating installation

Read more
Home Depot shows off new smart home products arriving later this year
Two products coming to Home Depot in 2025

Home Depot today revealed four new products joining its catalog later this year, including a new smart bulb and a robust smoke alarm from Ring and Kidde. However, none of these upcoming devices will be compatible with Hubspace -- Home Depot's user-friendly smart home platform. Despite the omission, there's still a lot to look forward to at the retailer.

The most exciting product of the bunch is a collaboration between Ring and Kidde. First debuted at CES 2025, the Kidde Smart Smoke & Smart Combo Alarm with Ring Technology will be arriving exclusively at Home Depot this April. The two devices are designed to detect smoke three times more precisely and up to 25% faster than the competition.

Read more