Researchers Find Vulnerabilities In Blink Cameras

Tenable Research, a cyber exposure company, has found seven vulnerabilities in Blink cameras which could allow hackers to:

  • Livestream footage
  • Listen to audio output
  • Perform Distributed Denial of Service, or DDoS attacks
  • Steal data
  • View video and photo storage
  • Add or remove devices from account
  • Block all communications from camera
  • Send spam.

These vulnerabilities were found in the Blink XT2 specifically, Blink’s latest indoor/ outdoor camera.

Blink XT2
Blink XT2

The security flaws in the Blink XT2 would allow the hacker to gain access to the use’s personal information and home networks, according to a recent press release from Intelligent CIO. Renaud Deraison, Tenable’s co-founder and Chief Technology Officer, said,

“Manufacturers of IoT devices have an opportunity and an obligation to ensure that effective security is baked into the overall design from the start and not bolted on as an afterthought. This is especially critical when the device in question is a security camera.”

Since Tenable has pointed these security flaws to Blink, which is owned by Amazon, Amazon has created and released security patches.

Security Flaws Found In Nest Cameras

Blink is not the only smart security company to have security vulnerabilities in their cameras. Last summer, a division of Cisco Security called Talos discovered vulnerabilities on the Nest Cam IQ Indoor camera. The vulnerabilities were on the camera’s weave binary, which hands setup and initial communication with other Nest devices. Similarly to Blink, Nest Labs updated the Nest Cam IQ Indoor’s software to fix these vulnerabilities.

Nest has all had issues handling their customers’ private information like email addresses and passwords, which were found on the web. However, Nest claims that this wasn’t the fault of their software, but rather anonymous third parties. Rishi Chandra, Nest’s Vice President of Product, recommended that users disable compromised accounts, change passwords to make them all unique, enable two-step verification, update routers and be vigilant about phishing emails. As phishing emails get increasingly sophisticated, protecting personal information online is more difficult than ever.

FAQs

Does the Blink XT2 record?

Yes, the Blink XT2 records footage whenever it detects motion. You’ll be able to view cloud storage in the Blink Home app.

Does Blink have a monthly fee?

No, there is no monthly fee to use Blink.

Are Blink cameras any good?

Blink cameras are good when it comes to their 1080p HD video, infrared night vision, two-way audio, and Alexa integrations. However, they are lacking when it comes to wide fields of view, local storage, cloud storage over two hours, person detection, and Google Assistant integrations.

Aliza Vigderman

Aliza Vigderman

Aliza is a journalist living in Brooklyn, New York. Throughout her career, her work has spanned many intersections within the tech industry. At SquareFoot, a New York-based real estate technology company, she wrote about the ways in which technology has changed the real estate industry, as well as the challenges that business owners face when they want to invest in property. At Degreed.com, an education technology website, Aliza created digital content for lifelong learners, exploring the ways in which technology has democratized education. Additionally, she has written articles for The Huffington Post as well as her own content on Medium, the online publishing platform. Aliza’s love of journalism and research stems from the excellent Journalism program at Brandeis University. At Brandeis, Aliza interned as a research assistant at the Schuster Institute for Investigative Journalism, a non-profit “news room without walls”. There, Aliza was paired with an investigative journalist and used academic databases to obtain data on everything from the suicide rates in Bhutan to local Boston court cases. Her last position was as an account executive at Yelp, educating business owners on the power of technology to increase revenue. Throughout, however, her heart remained with tech journalism, and she’s thrilled to be writing for Security Baron. When she’s not keeping afloat of the latest tech trends, Aliza likes to cook, read, and write. A former high school “Class Clown,” Aliza has completed two feature-length screenplays, a pilot, and countless comedic sketches. On her days off you can find her relaxing in Prospect Park, trying the latest flavors at Ample Hills Ice Cream, and spending time with friends and family.

Trending News

Follow Us

Reviews