{"id":65218,"date":"2017-10-31T06:42:32","date_gmt":"2017-10-30T22:42:32","guid":{"rendered":"https:\/\/techielobang.com\/blog\/?p=65218"},"modified":"2017-10-31T06:42:32","modified_gmt":"2017-10-30T22:42:32","slug":"robot-vacuum-cleaner-watching-you","status":"publish","type":"post","link":"https:\/\/techielobang.com\/blog\/2017\/10\/31\/robot-vacuum-cleaner-watching-you\/","title":{"rendered":"Your Robot Vacuum Cleaner Might Be Watching You (Video)"},"content":{"rendered":"<p>With technology, we enjoy the conveniences in our way of life. With IoT (Internet of Things), everything seems to be connected to the web. What you may or may not know is that they can be hacked.<\/p>\n<p><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" data-attachment-id=\"65219\" data-permalink=\"https:\/\/techielobang.com\/blog\/2017\/10\/31\/robot-vacuum-cleaner-watching-you\/lg-hom-bot-hacked\/\" data-orig-file=\"https:\/\/i0.wp.com\/techielobang.com\/blog\/wp-content\/uploads\/2017\/10\/lg-hom-bot-hacked.jpg?fit=800%2C450&amp;ssl=1\" data-orig-size=\"800,450\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"lg-hom-bot-hacked\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/i0.wp.com\/techielobang.com\/blog\/wp-content\/uploads\/2017\/10\/lg-hom-bot-hacked.jpg?fit=300%2C169&amp;ssl=1\" data-large-file=\"https:\/\/i0.wp.com\/techielobang.com\/blog\/wp-content\/uploads\/2017\/10\/lg-hom-bot-hacked.jpg?fit=800%2C450&amp;ssl=1\" class=\"aligncenter size-full wp-image-65219\" src=\"https:\/\/i0.wp.com\/techielobang.com\/blog\/wp-content\/uploads\/2017\/10\/lg-hom-bot-hacked.jpg?resize=800%2C450&#038;ssl=1\" alt=\"\" width=\"800\" height=\"450\" srcset=\"https:\/\/i0.wp.com\/techielobang.com\/blog\/wp-content\/uploads\/2017\/10\/lg-hom-bot-hacked.jpg?w=800&amp;ssl=1 800w, https:\/\/i0.wp.com\/techielobang.com\/blog\/wp-content\/uploads\/2017\/10\/lg-hom-bot-hacked.jpg?resize=300%2C169&amp;ssl=1 300w, https:\/\/i0.wp.com\/techielobang.com\/blog\/wp-content\/uploads\/2017\/10\/lg-hom-bot-hacked.jpg?resize=768%2C432&amp;ssl=1 768w, https:\/\/i0.wp.com\/techielobang.com\/blog\/wp-content\/uploads\/2017\/10\/lg-hom-bot-hacked.jpg?resize=98%2C55&amp;ssl=1 98w\" sizes=\"auto, (max-width: 800px) 100vw, 800px\" \/><\/p>\n<p><!--more--><\/p>\n<p>Check out how this LG\u00a0Hom-Bot robot vacuum cleaner can be hacked via LG SmartThinkQ mobile app. Thankfully, Check Point and LG have managed to identify the issue and patch the vulnerability.<\/p>\n<p>Here is the video of the hack from the LG Hom-Bot robot vacuum cleaner.<\/p>\n<p><iframe loading=\"lazy\" src=\"https:\/\/www.youtube.com\/embed\/BnAHfZWPaCs\" width=\"800\" height=\"450\" frameborder=\"0\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<p>Remember, anything that is connected to the web could be hacked. Read the Press Release for more information.<\/p>\n<p>BTW, if you owned any IoT products from LG, remember to update them to the latest version.<\/p>\n<p><span style=\"text-decoration: underline;\"><strong>Press Release<\/strong><\/span><\/p>\n<h2 style=\"text-align: center;\">Check Point Joins Forces With LG To Secure Their Smart Home Devices<\/h2>\n<p style=\"text-align: center;\"><em>Check Point helps block a major security vulnerability in LG\u00a0SmartThinQ\u00ae home IoT appliances<\/em><\/p>\n<p><strong>Singapore, October 30, 2017 &#8211;<\/strong> Check Point Software Technologies Ltd.\u00a0(NASDAQ: CHKP) a leading provider of cyber-security solutions globally,\u00a0today announced that its security researchers have discovered HomeHack\u00a0&#8211; a vulnerability that exposed millions of users of LG SmartThinQ\u00ae\u00a0smart home devices to the risk of unauthorized remote control of their\u00a0SmartThinkQ home appliances.<\/p>\n<p>The vulnerabilities in the LG SmartThinkQ mobile app and cloud\u00a0application enabled the Check Point research team to remotely login to\u00a0SmartThinQ cloud application, take over the user&#8217;s legitimate LG account, and gain control of the vacuum cleaner and its integral video\u00a0camera. Once in control of a specific user&#8217;s LG account, any LG device\u00a0or appliance associated with that account could be controlled by the\u00a0attacker &#8211; including the robot vacuum cleaner, refrigerators, ovens,\u00a0dishwashers, washing machines and dryers, and air conditioners.<\/p>\n<p>The HomeHack vulnerability gave attackers the potential to spy on\u00a0users&#8217; home activities via the Hom-Bot robot vacuum cleaner video\u00a0camera, which sends live video to the associated LG SmartThinQ app as\u00a0part of its HomeGuard Security feature. Depending on the LG appliances\u00a0in the owner&#8217;s home, attackers could also switch dishwashers or washing\u00a0machines on or off.<\/p>\n<p>&#8220;As more and more smart devices are being used in the home, hackers\u00a0will shift their focus from targeting individual devices, to hacking\u00a0the apps that control networks of devices. This provides cyber\u00a0criminals with even more opportunities to exploit software flaws, cause\u00a0disruption in users&#8217; homes and access their sensitive data,&#8221; said Oded\u00a0Vanunu, head of products vulnerability research at Check Point. &#8220;Users\u00a0need to be aware of the security and privacy risks when using their IoT\u00a0devices and it&#8217;s essential that IoT manufacturers focus on protecting\u00a0smart devices against attacks by implementing robust security during\u00a0the design of software and devices.&#8221;<\/p>\n<p>The vulnerabilities in the SmartThinQ mobile app enabled Check Point&#8217;s\u00a0researchers to create a fake LG account, and then use this to take over\u00a0a user&#8217;s legitimate LG account, and in turn gain remote control of the\u00a0user&#8217;s smart LG appliances. Check Point disclosed the vulnerability to\u00a0LG on July 31 2017, following responsible disclosure guidelines. LG\u00a0responded by fixing the reported issues in the SmartThinQ application\u00a0at the end of September. &#8220;Thankfully, LG responsibly provided a quality\u00a0fix to stop possible exploitation of the issues in its SmartThinQ app\u00a0and devices,&#8221; said Oded Vanunu.<\/p>\n<p>&#8220;As part of LG Electronics&#8217; mission to enhance the lives of consumers\u00a0worldwide, we are expanding our next-generation smart home appliance\u00a0lineup, while also prioritizing the development of safe and reliable\u00a0software programs,&#8221; said Koonseok Lee Manager of Smart Development\u00a0Team, Smart Solution BD, LG Electronics. &#8220;In August, LG Electronics\u00a0teamed with Check Point Software Technologies to run an advanced\u00a0rooting process designed to detect security issues and immediately<br \/>\nbegan updating patch programs. Effective\u00a0<span class=\"aBn\" tabindex=\"0\" data-term=\"goog_670042409\"><span class=\"aQJ\">September 29th<\/span><\/span>\u00a0the security\u00a0system has been running the updated\u00a0<span class=\"aBn\" tabindex=\"0\" data-term=\"goog_670042410\"><span class=\"aQJ\">1.9.20<\/span><\/span>\u00a0version smoothly and\u00a0issue-free. LG Electronics plans to continue strengthening its software\u00a0security systems as well as work with cyber-security solution providers\u00a0like Check Point to provide safer and more convenient appliances.&#8221;<\/p>\n<p>To protect their devices, users of the LG SmartThinQ mobile app and\u00a0appliances should ensure they are updated to the latest software\u00a0versions from the LG website. Check Point also advises consumers to\u00a0take the following steps to secure their smart devices and home Wi-Fi\u00a0networks against intrusion and the possibility of remote device\u00a0takeover:<\/p>\n<ol>\n<li>Update LG SmartThinQ app to the latest version (V1.9.23), you can\u00a0update the app via Google play store, Apple&#8217;s App Store or via LG\u00a0SmartThinQ app settings.<\/li>\n<li>Update your Smart home physical devices with the latest version, you\u00a0can do that by clicking on the smart home product under smartThinQ\u00a0application Dashboard (if an update is available you will get a popup\u00a0alerting you)<\/li>\n<\/ol>\n<p>LG&#8217;s SmartThinQ\u00ae range of smart appliances and safety solutions enable\u00a0users to monitor and maintain their homes from a smartphone. Sales of\u00a0the Hom-Bot robotic vacuum cleaner alone exceeded 400,000 in the first\u00a0half of 2016. In 2016, 80 million smart home devices were shipped<br \/>\nworldwide, a 64% increase from 2015.<\/p>\n<p>A video of how the attack could be done can be viewed at:<\/p>\n<p><a href=\"https:\/\/www.youtube.com\/watch?v=BnAHfZWPaCs\" target=\"_blank\" rel=\"noreferrer noopener\" data-saferedirecturl=\"https:\/\/www.google.com\/url?hl=en&amp;q=https:\/\/www.youtube.com\/watch?v%3DBnAHfZWPaCs&amp;source=gmail&amp;ust=1509472285628000&amp;usg=AFQjCNEZaKKuFDvyOeioCRjz_EaiUQ1AJA\">https:\/\/www.youtube.com\/watch?<wbr \/>v=BnAHfZWPaCs<\/a><\/p>\n<p>To learn more about this vulnerability, visit the Check Point blog at<br \/>\n<a href=\"http:\/\/blog.checkpoint.com\/\" target=\"_blank\" rel=\"noreferrer noopener\" data-saferedirecturl=\"https:\/\/www.google.com\/url?hl=en&amp;q=http:\/\/blog.checkpoint.com&amp;source=gmail&amp;ust=1509472285628000&amp;usg=AFQjCNEs2bLXX5IR9d7n_MeOJo4wE7tsVA\">http:\/\/blog.checkpoint.com<\/a><\/p>\n<p>Follow Check Point via:<\/p>\n<p>Twitter:\u00a0<a href=\"http:\/\/www.twitter.com\/checkpointsw\" target=\"_blank\" rel=\"noreferrer noopener\" data-saferedirecturl=\"https:\/\/www.google.com\/url?hl=en&amp;q=http:\/\/www.twitter.com\/checkpointsw&amp;source=gmail&amp;ust=1509472285628000&amp;usg=AFQjCNFntn-51v7oA4zyJ-dSzGlx05Ahgg\">http:\/\/www.twitter.com\/checkpo<wbr \/>intsw<\/a><br \/>\nFacebook:\u00a0<a href=\"https:\/\/www.facebook.com\/checkpointsoftware\" target=\"_blank\" rel=\"noreferrer noopener\" data-saferedirecturl=\"https:\/\/www.google.com\/url?hl=en&amp;q=https:\/\/www.facebook.com\/checkpointsoftware&amp;source=gmail&amp;ust=1509472285628000&amp;usg=AFQjCNHqISZSlYA28ScrTuYu2deeCN8-lw\">https:\/\/www.facebook.com\/check<wbr \/>pointsoftware<\/a><br \/>\nBlog:\u00a0<a href=\"http:\/\/blog.checkpoint.com\/\" target=\"_blank\" rel=\"noreferrer noopener\" data-saferedirecturl=\"https:\/\/www.google.com\/url?hl=en&amp;q=http:\/\/blog.checkpoint.com&amp;source=gmail&amp;ust=1509472285628000&amp;usg=AFQjCNEs2bLXX5IR9d7n_MeOJo4wE7tsVA\">http:\/\/blog.checkpoint.com<\/a><br \/>\nYouTube:\u00a0<a href=\"http:\/\/www.youtube.com\/user\/CPGlobal\" target=\"_blank\" rel=\"noreferrer noopener\" data-saferedirecturl=\"https:\/\/www.google.com\/url?hl=en&amp;q=http:\/\/www.youtube.com\/user\/CPGlobal&amp;source=gmail&amp;ust=1509472285628000&amp;usg=AFQjCNFmwHtMOZczl_WXurXjiqeN8W9Low\">http:\/\/www.youtube.com\/user\/CP<wbr \/>Global<\/a><br \/>\nLinkedIn:\u00a0<a href=\"https:\/\/www.linkedin.com\/company\/check-point-software-technologies\" target=\"_blank\" rel=\"noreferrer noopener\" data-saferedirecturl=\"https:\/\/www.google.com\/url?hl=en&amp;q=https:\/\/www.linkedin.com\/company\/check-point-software-technologies&amp;source=gmail&amp;ust=1509472285628000&amp;usg=AFQjCNF8FSMt2yA2j8dj0agu4pAZBwCW3g\">https:\/\/www.linkedin.com\/compa<wbr \/>ny\/check-point-software-techno<wbr \/>logies<\/a><\/p>\n<p><strong>About Check Point Software Technologies Ltd.<\/strong><\/p>\n<p>Check Point Software Technologies Ltd. (<a href=\"http:\/\/www.checkpoint.com\/\" target=\"_blank\" rel=\"noreferrer noopener\" data-saferedirecturl=\"https:\/\/www.google.com\/url?hl=en&amp;q=http:\/\/www.checkpoint.com&amp;source=gmail&amp;ust=1509472285628000&amp;usg=AFQjCNEljYms2DZuOz1flHxPczlR3wwhxg\">www.checkpoint.com<\/a>) is a\u00a0leading provider of cyber security solutions to governments and\u00a0corporate enterprises globally. Its solutions protect customers from\u00a0cyber-attacks with an industry leading catch rate of malware,\u00a0ransomware and other types of attacks. Check Point offers a multilevel\u00a0security architecture that defends enterprises&#8217; cloud, network and\u00a0mobile device held information, plus the most comprehensive and\u00a0intuitive one point of control security management system. Check Point\u00a0protects over 100,000 organizations of all sizes.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>With technology, we enjoy conveniences in way of life. With IoT (Internet of Things), everything is connected. What you may not know is that they can be hacked.<\/p>\n","protected":false},"author":1,"featured_media":65219,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"_links_to":"","_links_to_target":""},"categories":[1509,4,14,3],"tags":[15560,4357,2036,8990,11286,12760,15953,136,14665,16139,8621],"class_list":["post-65218","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-featured","category-information","category-techie","category-technology","tag-check-point","tag-featured-2","tag-hacked","tag-hacker","tag-hom-bot","tag-internet-of-things","tag-iot","tag-lg","tag-robot-vacuum","tag-smartthinkq","tag-vacuum-cleaner"],"aioseo_notices":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/techielobang.com\/blog\/wp-content\/uploads\/2017\/10\/lg-hom-bot-hacked.jpg?fit=800%2C450&ssl=1","jetpack_shortlink":"https:\/\/wp.me\/p8YKZ-gXU","jetpack_sharing_enabled":true,"jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/techielobang.com\/blog\/wp-json\/wp\/v2\/posts\/65218","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techielobang.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techielobang.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techielobang.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/techielobang.com\/blog\/wp-json\/wp\/v2\/comments?post=65218"}],"version-history":[{"count":1,"href":"https:\/\/techielobang.com\/blog\/wp-json\/wp\/v2\/posts\/65218\/revisions"}],"predecessor-version":[{"id":65220,"href":"https:\/\/techielobang.com\/blog\/wp-json\/wp\/v2\/posts\/65218\/revisions\/65220"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techielobang.com\/blog\/wp-json\/wp\/v2\/media\/65219"}],"wp:attachment":[{"href":"https:\/\/techielobang.com\/blog\/wp-json\/wp\/v2\/media?parent=65218"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techielobang.com\/blog\/wp-json\/wp\/v2\/categories?post=65218"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techielobang.com\/blog\/wp-json\/wp\/v2\/tags?post=65218"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}