Bug Affecting IoT Devices Allows Hackers To Spy On Users

Share post:

Researchers discovered a vulnerability known as CVE-2021-28372 that can affect millions of devices worldwide connected via ThroughTek’s Kalay IoT cloud platform.

The security issue affects products from various manufacturers that offer video and surveillance solutions as well as IoT systems for home automation that use the Kalay network to easily connect and communicate with an app.

According to researchers from Mandiant’s Red Team, the vulnerability affects the Kalay protocol, which is integrated into mobile and desktop applications as a Software Development Kit SDK.

When examining the Kalay protocol from ThroughTek, the researchers found that the registration of a device in the Kalay network only requires its unique identifier (UID).

Kalay clients receive the UID from a Web API hosted by the provider of the IoT device. So, an attacker could easily register a device they control and receive all client connection attempts on the Kalay network once they have the UID of a target system thereby granting them access to login credentials that allow remote access to the victim’s audio-video data.

Researchers from Mandiant’s Red Team discovered the vulnerability in late 2020 and worked with the U.S. Cybersecurity and Infrastructure Security Agency and ThroughTek to coordinate disclosure and create mitigation options.

Owners of affected devices are advised to mitigate the risk by updating their device software and applications.

For more information, read the original story in BleepingComputer.

SUBSCRIBE NOW

Related articles

Cyber Security Today, May 24, 2024 – A threat actor leverages Windows BitLocker in ransomware attacks, beware of ORB networks, and more

A threat actor leverages Windows BitLocker in ransomware attacks, beware of ORB networks, and more. Welcome to Cyber Security...

Canada centralizing cybersecurity efforts of federal IT departments

Federal departments and agencies are making only marginal progress in improving their cyber maturity, Ottawa said Wednesday as...

Cyber Security Today, May 22, 2024 – LockBit ransomware gang hits more victims, Fluent Bit servers need to be updated, and more

LockBit ransomware gang hits more victims, Fluent Bit servers need to be updated, and more. Welcome to Cyber Security...

Google criticizes Microsoft’s security practices in new report

Google has publicly criticized Microsoft for a series of security missteps, suggesting that organizations might consider more secure...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways