For HomeFor BusinessFor Partners
Smart Home
1 min read

Outdated Samsung SmartThings Hub could allow burglars in your home

Filip TRUȚĂ

July 27, 2018

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Outdated Samsung SmartThings Hub could allow burglars in your home

The Internet of Things’ biggest promise is convenience, and devices like the Samsung SmartThings Hub aim to extend that promise even further – by putting the controls to every smart home device onto their handset. However, as researchers recently showed, such convenience sometimes comes at a cost.

A discovery made by Claudio Bozzato of Cisco Talos reveals that even IoT devices that promise to secure your house can turn against you if they fall into the wrong hands.

Bozzato found no less than 20 vulnerabilities in the device sold by Samsung, some of which could be “chained” together to create attack scenarios like:

  • Unlock smart locks controlled by the SmartThings Hub, allowing for physical access to the home
  • Remotely monitor occupants through cameras deployed within the home
  • Disable motion detectors (which would aid a break-in)
  • Control smart plugs to turn off or on different things, potentially causing physical damage to certain appliances connected to those plugs
  • Control thermostats…

…and the list could continue. As Bozzato puts it, “Given the wide range of possible deployments of these devices, this is not a complete list of different scenarios.”

Cisco’s blog post offers a close look at all the vulnerabilities in question, including the ways they can be chained together to create attack vectors.

The good news is researchers disclosed the bugs to Samsung responsibly – i.e. before making the news public. Samsung has therefore had plenty of time to patch all the flaws. And because the SmartThings Hub supports over-the-air updates that it can fetch automatically whenever Samsung rolls them out, users should already be on the latest (and safest) firmware.

However, if for some reason your SmartThings Hub has been offline for a while, or if you’re just plain paranoid (which you should be, in this case), check and see if you are on version 0.22.13 of your tiny hub’s firmware. If your versioning is any lower, chances are your hardware is still vulnerable to the dangers described above. The SmartThings app or web module should allow you to fetch the necessary update.

tags

Smart Home

Author

Filip TRUȚĂ

Filip TRUȚĂ

Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.

View all posts

Right now Top posts

Torrents with Pirated TV Shows Used to Push Lumma Stealer Malware
Threats The Safe Nomad

Torrents with Pirated TV Shows Used to Push Lumma Stealer Malware

November 14, 2024

4 min read
How Scammers Stole $20 Million by Hacking Emails of Real Estate Agents – Here’s Why Small Firms Must Take Cybersecurity Seriously
Industry News Very Small Business Scam

How Scammers Stole $20 Million by Hacking Emails of Real Estate Agents – Here’s Why Small Firms Must Take Cybersecurity Seriously

November 11, 2024

3 min read
Is Your Digital Footprint Placing You in Scammers’ Crosshairs?
Scam

Is Your Digital Footprint Placing You in Scammers’ Crosshairs?

October 17, 2024

4 min read
What Key Cyberthreats Do Small Businesses Face?
Tips and Tricks How to Very Small Business

What Key Cyberthreats Do Small Businesses Face?

September 06, 2024

4 min read

FOLLOW US ON SOCIAL MEDIA

You might also like

Track Guide to Las Vegas: Cybersecurity Edition
Cybersecurity Grand Prix

Track Guide to Las Vegas: Cybersecurity Edition
Bitdefender

November 19, 2024

3 min read
Cybersecurity Grand Prix: Race to Secure Your Digital Footprint
Cybersecurity Grand Prix

Cybersecurity Grand Prix: Race to Secure Your Digital Footprint
Bitdefender

October 28, 2024

3 min read
Finnish Customs, Europol, Swedish Police and Bitdefender Cooperation Leads to Sipulitie Dark Web Marketplace Shut Down
Industry News

Finnish Customs, Europol, Swedish Police and Bitdefender Cooperation Leads to Sipulitie Dark Web Marketplace Shut Down
Bitdefender

October 15, 2024

3 min read

Bookmarks

loader