Home Security System Fails at Being Secure, Opens Homes to Hacking & Burglaries

Solarquest

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Jul 22, 2014
2,525
The maker of a smart home security system has failed to patch five security issues in the firmware of his product. These flaws allow an attacker to bypass authentication, take over devices, and disable alarm systems, leaving homes exposed to burglaries.

The researcher who discovered these issues is Ilia Shnaidman, Head of Security Research for BullGuard's Dojo, a home appliance for securing local IoT devices.

The researcher says he found these flaws in iSmartAlarm, a DIY home alarm system that users can assemble from different components such as security cameras, door sensors, motion sensors, smart locks, and a central unit called iSmartAlarm Cube.

Vendor has not issued patches
Shnaidman says he reached out to iSmart, the company behind the product, earlier in the year, in January. iSmart acknowledged his initial email, requested more details about the vulnerabilities but did not reply afterward.

Attempts to contact the vendor through US CERT were also unsuccessful, and the researcher eventually decided to go public with his findings so iSmartAlarm owners could replace their alarm systems in case they use them to protect valuable property.

At the time of writing, iSmart has not issued firmware updates to patch the five flaws discovered by Shnaidman.

Researcher found five vulnerabilities
....
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top