Security Flaw Allowed Access To Some LG Smart Appliances

Security researchers recently disclosed a vulnerability that could have allowed hackers to take control of a number of smart appliances made by LG Electronics. The issue could have allowed attackers to turn appliances on or off remotely — or even to access a live video feed in a user’s home.

Check Point

The security flaw was published by the researchers at Check Point. Dubbed the HomeHack vulnerability, the flaw could have allowed hackers to switch dishwashers and washing machines off or on, or most disturbingly, allowed live video access through the camera on LG’s Hom-Bot robotic vacuum cleaner.

The problem would have affected users of LG’s SmartThinQ appliances by giving hackers access to user accounts. The researchers noted that more than 400,000 customers bought a Hom-Bot in the first half of 2016, which could have made this issue not just invasive, but widespread.

Patched Up

Fortunately, all of these possible problems appear to have been avoided. Check Point claims they contacted LG in late July, and LG issued a security patch for the vulnerability in late September.

That’s still a two-month gap between being notified and fixing the issue, but LG Electronics seems confident in its solution. Koonseok Lee of LG Electronics told ZDNet that “Effective September 29th the security system has been running the updated 1.9.20 version smoothly and issue-free.”

Further details about the attack — including a demo of how it would work — can be found in Check Point’s blog post.

Staying Vigilant

While smart appliance users seem to have dodged a bullet with this particular vulnerability, it still stands as a reminder that the Internet of Things (IoT) — including smart appliances — is susceptible to hackers. There are many fears about overall security issues involving IoT products, and this isn’t going to change any minds.

Companies need to do their part in staying on top of security holes, as do users of these products: make sure to check for software updates often, and update as much as possible.

Phil Dzikiy

Phil Dzikiy

Phil Dzikiy is Editor of Security Baron. An award-winning journalist, Dzikiy was formerly the Editor-in-Chief of iLounge.com, and his writing has appeared on TheWirecutter.com, among other outlets. He lives in New York City.

Related News

Leave a Comment

Trending News

Follow Us

Reviews