The advancement of technology has benefitted a lot to the world and though it has proven to be quite useful for all of us there are some down sides to it as well. The more technology has evolved, the more it has become easier for cybercrimes to take place. At times tech devices can also show some defaults due to which they are more vulnerable to risks and one such device which was recently noted to be a major cybersecurity vulnerability is the cheap smart plugs which are frequently used by criminal’s people’s devices and even homes.
A&O IT Group is a security firm which wrote a blog post about security devices in which they mentioned two smart plugs which are as cheap as 10 dollars and are available on various online shopping sites such as Amazon and eBay and are precisely known as the Sonoff S26 and the Ener-J WiFi.
The purpose of such devices is to obtain login credentials of a user’s targeted Wi-Fi device. But you must be wondering how does this cheap smart plugs make it so easy for bad actors to obtain such private information? Well, this happens because these devices communicate with the router via port 80 and send unencrypted HTTP traffic and can also happen because of weak default factory passwords.
There are so many downfalls as to when a hacker manages to achieve your credentials because once they manage to connect to your network after receiving the credentials they can misuse it. The hackers can receive video and audio data from computers, monitor traffic or even control vulnerable smart devices. The hackers can also use your Wi-Fi to download illegal materials from different sites which can be dangerous for your safety as well as launch attacks on other users’ devices, without being caught or known.
The biggest and most dangerous outcome of the misuse of such cheap smart plugs is that people who get hacked firstly do not even realize that there Wi-Fi network has been hacked and if they have the smart door locks installed in their homes as well as video surveillance cameras on the same network, it is literally a child’s play for the hacker to know when the house victims are at home and when not and can easily break into their house.
The A&O IT Group have also written in their blog that they have notified both the companies about the vulnerabilities that has been detected in their devices, however they are still waiting for a comment back.
Experts from CNX Software, have given a way to avoid the issue by setting up a guest SSID for the internet of things devices, so that other important devices don’t share the same network.
Photo: GettyImages
Read next: Cryptojacking surges as miners get exploited
A&O IT Group is a security firm which wrote a blog post about security devices in which they mentioned two smart plugs which are as cheap as 10 dollars and are available on various online shopping sites such as Amazon and eBay and are precisely known as the Sonoff S26 and the Ener-J WiFi.
The purpose of such devices is to obtain login credentials of a user’s targeted Wi-Fi device. But you must be wondering how does this cheap smart plugs make it so easy for bad actors to obtain such private information? Well, this happens because these devices communicate with the router via port 80 and send unencrypted HTTP traffic and can also happen because of weak default factory passwords.
There are so many downfalls as to when a hacker manages to achieve your credentials because once they manage to connect to your network after receiving the credentials they can misuse it. The hackers can receive video and audio data from computers, monitor traffic or even control vulnerable smart devices. The hackers can also use your Wi-Fi to download illegal materials from different sites which can be dangerous for your safety as well as launch attacks on other users’ devices, without being caught or known.
The biggest and most dangerous outcome of the misuse of such cheap smart plugs is that people who get hacked firstly do not even realize that there Wi-Fi network has been hacked and if they have the smart door locks installed in their homes as well as video surveillance cameras on the same network, it is literally a child’s play for the hacker to know when the house victims are at home and when not and can easily break into their house.
The A&O IT Group have also written in their blog that they have notified both the companies about the vulnerabilities that has been detected in their devices, however they are still waiting for a comment back.
Experts from CNX Software, have given a way to avoid the issue by setting up a guest SSID for the internet of things devices, so that other important devices don’t share the same network.
Photo: GettyImages
Read next: Cryptojacking surges as miners get exploited