Yes, Even Smart Plugs Can Help Steal Passwords

Technology can be amazing. It's easy to get excited about the idea of having conveniences that were unthinkable a couple of decades ago, including all the fancy gadgetry of a smart home. However, every single device in your smart home can be a potential point of entry for bad actors and it turns out smart plugs are no exception to that rule.

A consumer investigation conducted in 2020 found that a number of smart electric plugs sold by various retailers can expose personal data to bad actors or even be a fire hazard if misused.

The investigation discovered a significant issue with setting up a user Wi-Fi password for the smart plugs - the password was not encrypted in any way and was wide open for potential attacks. Tests were run on 10 different types of smart plugs and over a dozen vulnerabilities surfaced as a result. The researchers rated three of the vulnerabilities as "critical".

Password Security Issues Are Present in Many IoT Devices

One plug has a fault that could lead to a fire or even a small explosion. The critical vulnerabilities discovered could allow hackers to grab the unencrypted Wi-Fi network password and gain access not just to the plug in question but to other devices connected to the same smart home hub, including optical devices such as cameras. It's very easy to imagine that burglars would love to be able to see through your home security cameras and monitor when you leave your home.

The issues discovered with the smart plugs underline not just the dangers of having a lot of potentially hackable smart devices in your home but also the need for state-level legislation that can establish some sort of security guidelines and requirements for similar technologies. A lot of the plugs tested used default passwords - admittedly an issue that is found in an awful lot of IoT devices and not just those specific plugs. The plug packaging also rarely included contact information that users could use to report any issues with the devices.

The default passwords, lack of encryption and overall poor security is not an issue that is exclusive to the smart plugs that were the subject of the investigation. Every Internet-enabled device that people install in their homes gives another potential attack vector for cybercriminals. This is especially true of IoT devices such as cameras and smart appliances that buyers usually don't see as a potential entry point for hackers because they only associate their computer and smartphone with the notion of hacking.

By Zaib
October 5, 2020
Password Security
English
October 5, 2020
Password Security

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

Password Security

Yes, All of These Smart Home Devices Can Be Hacked If You Do Not Set up Strong Passwords

Smart TVs, baby monitors, Wi-Fi enabled security cameras, and other similar devices make our daily tasks easier and more fun. However, while there is no denying such gadgets are convenient, a lot of users forget that... Read more

May 10, 2019
Computer Security

TikTok Pro Is a Fake App Designed to Steal Passwords

In the midst of the ongoing TikTok drama in the USA, with President Trump trying to take down the Chinese-owned social network video app from the US app stores, bad actors are making the best out of the heightened... Read more

September 24, 2020
Tips

Top 10 Tips To Help Enhance Your Smart Home Security

If you are trying to figure out how to manage your smart home security, you are already on the right track because all you need is some theoretical knowledge that you could apply practically. We are here to supply you... Read more

November 15, 2018
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.