A new vulnerability found in Philips Hue light bulb where hackers gain access to the victim’s network and other devices connected to it.
Home automation is one of the very curious technologies where you can control objects such as fans, bulbs, doors through simple apps. This increases the ease of use with less security.
The severity flaw CVE-2020-6007, in Philips Hue Smart Light Bulbs discovered by Checkpoint the cybersecurity firm, allows attackers to take control of an individual bulb, insert malicious firmware to it and spread other malicious software throughout a network.
How does malware work?
- The attacker could take control of a Hue light bulb using the ZigBee exploit and install malicious firmware in it.
- Then the attacker would be able to mess with the light, changing colour and brightness to trick the network owner thinking that the bulb is glitched.
- The user tries to reset the glitched bulb, by deleting it from the app and then re-add it.
- The hackers would be able to deploy the malicious firmware and use the ZigBee protocol to connect to the targeted office or home computer network.
- Finally, the hackers would be able to spread ransomware or spyware throughout the network.
“Many of us are aware that loT devices can pose a security risk, but this research shows how even the most mundane, seemingly ‘dumb’ devices such as light bulbs can be exploited by hackers and used to take over networks, or plant malware,” said Yaniv Balmas, Head of Cyber Research, Check Point Research.
“It’s critical that organisations and individuals protect themselves against these possible attacks by updating their devices with the latest patches and separating them from other machines on their networks, to limit the possible spread of malware. In today’s complex fifth-generation attack landscape, we can afford to overlook the security of anything that is connected to our networks.”
Check Point reported the issue to Philips and Signify (parent company) in November 2019. The company released firmware patches for the device in January.
It is always recommended to check for updates and install the Philips Hue smart bulb or any other smart bulb app regularly.
Check Point mentioned that an infected bulb won’t show up in a list of devices because the attacker has already taken control of it, thereby removing it from the list of known devices.
You may be interested in reading: ASP.NET Hit by Ransomware