Technology
Hackers can hijack Philips Hue smart bulbs to take over your home
We’ve all seen this movie: The lights inexplicably start to flicker and a naive homeowner writes it off as just a glitch. But no! There’s something… in … the house.
In the smart home age, that horror scenario could actually come to life — except the intruders aren’t angry spirits, they’re hackers.
A new report from Check Point Research, a cyber threat intelligence outfit, shows how a vulnerability in a Philips Hue smart lightbulb could allow attackers to gain control over the home or business network of which the bulb is a part.
Philips Hue and other smart lightbulbs allow users to control the lighting with an app or smart assistant. They’re convenient and fun (they change colors!), but apparently making innocuous appliances in your home “smart” is not without its downsides.
The assault scenario is truly spooky. Check Point researchers used a previously discovered vulnerability in the smart bulb to hijack it. They then control the bulb’s functioning, causing it to become unresponsive or even — gasp — flicker.
Since the bulbs no longer respond to their owner’s control, this prompts the user to reset the bulb in the app that controls it. Doing that allows the hackers to spread their malware to the smart home hub between the bulb and the home network (on a popular wireless protocol called ZigBee), which allows it to gain access to the rest of the connected devices on the network. Home: invaded.
Here’s a video of how it all goes down.
Check Point Research made the company that owns Philips Hue bulbs, Signify, aware of the threat in November 2019. Bulb owners should have received an automatic update, but can now also manually update their firmware to prevent against this sort of attack.
This scenario only demonstrated the vulnerability of these specific smart bulbs, but Check Point told Mashable that it could shine a light on possible threats from other smart home products.
“The fact that IoT products are connected to a central network means they can serve as a new ‘attack vector’ and are a means to get right inside the central network and inject it with malicious files,” a Check Point Research representative said. “We showed an example of how this works, but the danger is potentially much larger.”
Almost makes you wish your home was dumb again…
Why women behaving badly are dominating our screens
‘Spellbound’ review: Netflix’s animated adventure finds its magic right at the end
2024 Black Friday ads: Greatest deals from Target, Greatest Buy, Walmart, Kohls, and more
Greatest Amazon Black Friday deals: Early savings on Fire TVs, robot vacuums, and MacBooks
A24 is selling chocolate now. But what would their films actually taste like?
New teen video-viewing guidelines: What you should know
‘Wicked’ review: Ariana Grande and Cynthia Erivo aspire to movie musical magic
How to watch ‘Smile 2’ at home: When is it streaming?
Black Friday 2024: The greatest early deals in Australia – live now
‘Dune: Prophecy’ review: The Bene Gesserit shine in this sci-fi showstopper
‘Here’ review: Robert Zemeckis, Tom Hanks, and Robin Wright reunite
The 34 greatest Australian horror films (and where to watch them)
Menendez brothers case reignites online: The questions that keep resurfacing
How to watch the 2024-2025 NBA season without cable: The greatest streaming deals
Election 2024: The truth about voting machine security
Halloween 2024: Weekend debates, obscure memes, and a legacy of racism
‘Only Murders in the Building’ Season 4 ending explained: Who killed Sazz and why?
‘Dragon Age: The Veilguard’ review: BioWare made a good game again
‘Wallace and Gromit: Vengeance Most Fowl’ review: A delightful romp with an anti-AI streak
Review: I tested the new GoPro Hero 13 Black by land and sea
Why women behaving badly are dominating our screens
‘Spellbound’ review: Netflix’s animated adventure finds its magic right at the end
2024 Black Friday ads: Greatest deals from Target, Greatest Buy, Walmart, Kohls, and more
Greatest Amazon Black Friday deals: Early savings on Fire TVs, robot vacuums, and MacBooks
A24 is selling chocolate now. But what would their films actually taste like?
New teen video-viewing guidelines: What you should know
‘Wicked’ review: Ariana Grande and Cynthia Erivo aspire to movie musical magic
How to watch ‘Smile 2’ at home: When is it streaming?
Black Friday 2024: The greatest early deals in Australia – live now
‘Dune: Prophecy’ review: The Bene Gesserit shine in this sci-fi showstopper
-
Entertainment7 days agoEarth’s mini moon could be a chunk of the big moon, scientists say
-
Entertainment7 days agoThe space station is leaking. Why it hasn’t imperiled the mission.
-
Entertainment6 days ago‘Dune: Prophecy’ review: The Bene Gesserit shine in this sci-fi showstopper
-
Entertainment5 days agoBlack Friday 2024: The greatest early deals in Australia – live now
-
Entertainment4 days agoHow to watch ‘Smile 2’ at home: When is it streaming?
-
Entertainment3 days ago‘Wicked’ review: Ariana Grande and Cynthia Erivo aspire to movie musical magic
-
Entertainment3 days agoA24 is selling chocolate now. But what would their films actually taste like?
-
Entertainment3 days agoNew teen video-viewing guidelines: What you should know
