Skip to main content
  1. Home
  2. Smart Home
  3. Legacy Archives

Thousands of Belkin WeMo devices may be vulnerable to hackers: UPDATED

By
Add as a preferred source on Google

UPDATE: Belkin has now released a fix for the security issues mentioned below. To remedy the issue, Belkin urges WeMo users to download the latest app from the App Store (version 1.4.1) or Google Play Store (version 1.1.2) and then upgrade the firmware version through the app. Find more information here

According to a recently-released study from security research firm IOActive, nearly half a million Belkin WeMo devices may be vulnerable to attackers.

Recommended Videos

In a number of different experiments, the WeMo line – which includes things like remotely-controlled switches, plugs, and motion sensors for home automation – was shown to have a variety of different security flaws that give hackers the ability to:

  • Remotely control WeMo devices over the Internet
  • Perform malicious firmware updates
  • Remotely monitor devices
  • Access an internal home network

Obviously, this is bad news for Belkin, but it’s even worse news for anyone who currently has a WeMo device in their house. If these vulnerabilities are legitimate, it means that once attackers have compromised a device, they’re free to remotely turn WeMo-connected appliances on or off at will. Depending on the gear users have connected to their WeMos, this could lead to something as harmless as some wasted electricity, or as dangerous as a house fire. On top of that, WeMo motion sensors could be used to remotely monitor a house. This could make a home an easy target for tech-savvy burglars who can use a compromised WeMo to determine when people are in that house, and when they aren’t.

Additionally, once an attacker has established a connection to a WeMo device within a victim’s network, the compromised device can be used as a foothold to attack other devices on your home network – including things like laptops, mobile phones, network-attached storage, or home automation devices. 

Mike Davis, IOActive’s principal research scientist, had this to say about the findings: 

“As we connect our homes to the Internet, it is increasingly important for Internet-of-Things device vendors to ensure that reasonable security methodologies are adopted early in product development cycles. This mitigates their customer’s exposure and reduces risk.”

We couldn’t agree more.

IOActive has reached out to Belkin for comments on the issue, but has yet to receive a response. For the time being, we recommend that you unplug any WeMo devices you may own and check back for updates.

We’ll keep you posted should any security patches be released.

[via Help Net Security]

Drew Prindle
Drew Prindle
Former Senior Editor, Features
Drew Prindle is an award-winning writer, editor, and storyteller who currently serves as Senior Features Editor for Digital…
Topics
Jackery’s FridgeGuard is the slimmest fridge backup battery you can buy right now
Jackery’s new lineup ranges from a slim fridge battery to whole-home backup solutions.
jackery-fridgeguard-power-backup

If a blackout has ever cost you a fridge full of groceries, Jackery has a fix for that now. The company is introducing FridgeGuard alongside three new HomePower Series batteries, giving you power backup options for different appliances.

FridgeGuard brings a sleek new look to fridge backup power

Read more
Google’s new $99 Home Speaker offers 360-degree audio and next-gen Gemini perks
However, its most advanced AI-based features are locked behind a monthly subscription.
Sphere, Electronics, Speaker

After six years of waiting, Google has finally released a new smart speaker. The $99 Google Home Speaker is available for pre-order starting today and hits shelves on June 25, 2026. At the core of the speaker is Google's conversational AI assistant: Gemini.

With Gemini, you can now hold natural, multi-step conversations with the speaker rather than issuing individual commands. It understands natural phrasing and logic, so you can speak more naturally without phrasing everything like a voice command.

Read more
Your smart home devices could be part of a cybercrime network without you knowing
Backdoors in some smart home devices are fueling cybercrime networks
Hacker with Computer

Smart home devices and gadgets are now commonplace in many modern homes. Security cameras watch front doors, streaming boxes power TVs, and connected appliances constantly exchange data over the internet. Most people worry about companies collecting too much information, but a growing cybersecurity threat suggests consumers may have a much bigger problem to worry about.

Security researchers are warning that some internet-connected devices can contain hidden software backdoors or severe security flaws that allow outsiders to access home networks. In some cases, these devices can effectively turn a household internet connection into a tool for cybercriminals without the owner's knowledge.

Read more