- Kim Kardashian says Kylie Jenner’s setting spray is ‘cheap sh*t’ 7 Months Ago
- Trump continues to demand Apple unlock iPhones for the government 7 Months Ago
- Police officer suspended after video of a handcuffed Delonte West surfaces 7 Months Ago
- ‘Girls don’t want a boyfriend’ meme leaves boyfriends in 2019 Today 11:21 AM
- Are these tweets about ‘The Bachelor’ or Trump’s impeachment? Today 10:45 AM
- Likely file Saudi prince sent to Jeff Bezos’ to hack his phone revealed Today 10:10 AM
- Will Olivia Jade have to testify against her mother, Lori Loughlin, in bribery trial? Today 10:07 AM
- Gina Rodriguez slammed for promoting ‘American Dirt’ Today 9:26 AM
- Netflix says ‘The Witcher’ is its biggest show. Is it really? Today 8:59 AM
- Tulsi Gabbard sues Hillary Clinton for podcast comments Today 8:53 AM
- Lizzo reps Beyoncé’s Ivy Park collection in adult-themed TikTok Today 7:58 AM
- Netflix’s ‘Eye for an Eye’ is a fun but messy thriller about revenge Today 7:00 AM
- Which 2020 Democratic candidates post the most cringe? Today 6:30 AM
- The new ‘Hunger Games’ book paints President Snow as a hero—and people are not happy Tuesday 9:03 PM
- Influencer called out for ‘troubling image’ with Kenyan child Tuesday 8:18 PM
Two security researchers have revealed vulnerabilities in a popular smart home system that could allow an attacker to unlock your front door.
The research, published Tuesday by Chase Dardaman and Jason Wheeler, shows how a series of flaws in a product from smart home company Zipato can be combined to enter any user’s home in just a matter of seconds.
The hacking duo first announced their findings in March but waited until Zipato was able to develop a fix for the issue before releasing details on how the attack is performed.
The vulnerabilities were discovered in the Zipamicro, a hub used to control a range of smart home devices such as Nest thermostats and Philips Hue light bulbs.
Dardaman and Wheeler found a way to gain root access on the product, allowing them to control the device without knowing the password.
Although the researchers noted that such an attack would require a hacker to use the same WiFi network as the Zipamicro, any such devices connected to the open internet could be unlocked remotely. Using Shodan, a search engine that locates devices connected to the open internet, the researchers were able to find five vulnerable Zipamicro products.
In addition to fixing the currently available vulnerable products’ bugs, Zipato also discontinued selling new Zipamicro devices as well.
Unfortunately, such vulnerabilities are seemingly common in smart home technology. Just last month, Google was forced to fix a flaw that allowed Nest camera owners be spied on.
- 3 ways to secure your Nest cameras
- Hacker infiltrates Nest cameras to gain PewDiePie subscribers
- Family says hacker sent fake North Korean missile warning through Nest camera
Got five minutes? We’d love to hear from you. Help shape our journalism and be entered to win an Amazon gift card by filling out our 2019 reader survey.
Mikael Thalen is a tech and security reporter based in Seattle, covering social media, data breaches, hackers, and more.