Bug Affecting IoT Devices Allows Hackers To Spy On Users

Share post:

Researchers discovered a vulnerability known as CVE-2021-28372 that can affect millions of devices worldwide connected via ThroughTek’s Kalay IoT cloud platform.

The security issue affects products from various manufacturers that offer video and surveillance solutions as well as IoT systems for home automation that use the Kalay network to easily connect and communicate with an app.

According to researchers from Mandiant’s Red Team, the vulnerability affects the Kalay protocol, which is integrated into mobile and desktop applications as a Software Development Kit SDK.

When examining the Kalay protocol from ThroughTek, the researchers found that the registration of a device in the Kalay network only requires its unique identifier (UID).

Kalay clients receive the UID from a Web API hosted by the provider of the IoT device. So, an attacker could easily register a device they control and receive all client connection attempts on the Kalay network once they have the UID of a target system thereby granting them access to login credentials that allow remote access to the victim’s audio-video data.

Researchers from Mandiant’s Red Team discovered the vulnerability in late 2020 and worked with the U.S. Cybersecurity and Infrastructure Security Agency and ThroughTek to coordinate disclosure and create mitigation options.

Owners of affected devices are advised to mitigate the risk by updating their device software and applications.

For more information, read the original story in BleepingComputer.

Featured Tech Jobs


Related articles

Cyber Security Today, Week in Review for Friday, December 1, 2023

This episode features a discussion on ransomware, the latest explanation from Okta of a support hack and a survey of infosec pros whose firms w

Cyber Security Today, Dec. 1, 2023 podcast – More on Booking.com compromises

This episode reports on the sanctioning of the Sinbad crypto mixe

All Okta customer support users had their email addresses copied

Identity and access provider Okta now says the threat actor who accessed its customer help desk system last month got the names and email addresses of all contacts of organizations that use its support system. Originally, the company said that, after an investigation, it determined only one per cent of the contacts from its 18,000

Failure of technology to detect attacks is a prime cause of breaches: Survey

Despite the money being poured into cybersecurity by IT departments, the leading cause of breaches of security controls was the failure of technology to detect an attack, a new survey from Trellix suggests. Forty-two per cent of respondents to the international survey of infosec leaders whose organization had suffered a recent cyber attack said their

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways