Samsung Smart Fridge Exposes Owner’s Gmail Credentials

A white hat security firm has discovered a vulnerability in one of Samsung‘s smart fridges that exposes owner’s Gmail credentials.A ‘Man in The Middle’ is the vulnerability allows potential hackers to intercept data as it travels from a server to a device. The Samsung’s RF28HMELBSR smart fridge is vulnerable to this ‘Man in The Middle’.

Ken Munro, a security researcher at Pen Test Partners discovered this vulnerability and he explained that,“While SSL is in place, the fridge fails to validate the certificate. Hence, hackers who manage to access the network that the fridge is on (perhaps through a de-authentication and fake Wi-Fi access point attack) can Man-In-The-Middle the fridge calendar client and steal Google login credentials from their neighbors, for example.”

According to Samsung, refrigerators will be updated automatically when they are connected to a network. Now, there’s no evidence that such a hack has occurred in Samsung refrigerators out in the real world, but the incident does highlight some of the security and privacy challenges posed by the Internet of Things.

After knowing this issue by Samsung it released the statement saying “At Samsung, we understand that our success depends on consumers’ trust in us, and the products and services we provide. We are investigating into this matter as quickly as possible. Protecting our consumer’s privacy is our top priority, and we work hard every day to safeguard our valued Samsung users.”

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Microsoft Fixed 100+ Vulnerabilities With October Patch Tuesday

1 comment

Jack Sparrow September 26, 2015 - 11:17 am
I tell You All to use all the technology with smartly! whatever technology you have! every technology has its own drawbacks and good features.

Comments are closed.

Add Comment