Skip to main content
  1. Home
  2. Smart Home
  3. Legacy Archives

Thousands of Belkin WeMo devices may be vulnerable to hackers: UPDATED

By
Add as a preferred source on Google

UPDATE: Belkin has now released a fix for the security issues mentioned below. To remedy the issue, Belkin urges WeMo users to download the latest app from the App Store (version 1.4.1) or Google Play Store (version 1.1.2) and then upgrade the firmware version through the app. Find more information here

According to a recently-released study from security research firm IOActive, nearly half a million Belkin WeMo devices may be vulnerable to attackers.

Recommended Videos

In a number of different experiments, the WeMo line – which includes things like remotely-controlled switches, plugs, and motion sensors for home automation – was shown to have a variety of different security flaws that give hackers the ability to:

  • Remotely control WeMo devices over the Internet
  • Perform malicious firmware updates
  • Remotely monitor devices
  • Access an internal home network

Obviously, this is bad news for Belkin, but it’s even worse news for anyone who currently has a WeMo device in their house. If these vulnerabilities are legitimate, it means that once attackers have compromised a device, they’re free to remotely turn WeMo-connected appliances on or off at will. Depending on the gear users have connected to their WeMos, this could lead to something as harmless as some wasted electricity, or as dangerous as a house fire. On top of that, WeMo motion sensors could be used to remotely monitor a house. This could make a home an easy target for tech-savvy burglars who can use a compromised WeMo to determine when people are in that house, and when they aren’t.

Additionally, once an attacker has established a connection to a WeMo device within a victim’s network, the compromised device can be used as a foothold to attack other devices on your home network – including things like laptops, mobile phones, network-attached storage, or home automation devices. 

Mike Davis, IOActive’s principal research scientist, had this to say about the findings: 

“As we connect our homes to the Internet, it is increasingly important for Internet-of-Things device vendors to ensure that reasonable security methodologies are adopted early in product development cycles. This mitigates their customer’s exposure and reduces risk.”

We couldn’t agree more.

IOActive has reached out to Belkin for comments on the issue, but has yet to receive a response. For the time being, we recommend that you unplug any WeMo devices you may own and check back for updates.

We’ll keep you posted should any security patches be released.

[via Help Net Security]

Drew Prindle
Drew Prindle
Former Senior Editor, Features
Drew Prindle is an award-winning writer, editor, and storyteller who currently serves as Senior Features Editor for Digital…
Topics
Beyond the Boundary Wire: How Yardcare and the New N1600PRO are Leading the Robotic Mower Revolution
With automated routes and advanced mapping, Yardcare N1600 PRO robot lawn mower is made to meet modern lifestyle with smart precision.
Grass, Lawn, Plant

The weekend morning dread is a real situation, and homeowners know it pretty well. I've often woken up with the realization that the next few hours will be spent toiling with the hum of a petrol engine machine and hours of pushing a heavy mower around the yard. We’ve all been there, sweating under the sun, in our quest to achieve a green carpet that looks fine at best, but rarely ever achieves the work done by an expert. A fully automated solution should address all those problems, but finding a reliable one isn't a cakewalk.

The hassles of setting up boundary wire, mastering the navigation, and requiring constant manual supervision don't really sound like an autonomous dream. But tech is finally catching up, and one of its best specimens is Yardcare’s N1600PRO. The latest from Yardcare ensures that lawn care no longer means non-stop manual effort, but relaxed efficiency. If you're a homeowner who is increasingly leaning toward automation to take care of your yard space, Yardcare is here to help you make that smart shift with the N1600PRO.

Read more
Apple is reportedly sitting on new products because Siri AI isn’t ready
Inventory shortages suggest launches are near, but delays tell a different story
Apple HomePod Featured

Apple might have new products ready to go, but it’s just not launching them yet. According to a recent report from Bloomberg, inventory for devices like the HomePod, HomePod mini, and Apple TV is running low across Apple Stores globally.

Normally, that’s a clear sign that refreshed models are around the corner. But this time, there’s a twist. Apple is reportedly holding back releases because its next-generation Siri and AI features aren’t ready yet.

Read more
Google Home update soups up Gemini and fixes frustrating papercuts
The latest Google Home update speeds up Gemini, adds new languages, and fixes recurring annoyances to make voice control smoother and smarter.
Gemini for Home devices

Google is rolling out a fresh update for the Google Home app that makes Gemini a lot more useful in day-to-day use, while also addressing several small but frustrating issues that have been holding it back. The new release follows an update from earlier this month that also brought performance improvements and bug fixes for Gemini's smart home voice controls.

What's new with Gemini for Home?

Read more