Researchers have found a security flaw in Philips Hue smart bulbs that could allow hackers to remotely hijack and control the devices. Philips Hue smart bulbs basically allows users to control the intensity and colour of the web-connected bulbs through a computer or a smartphone.
Just by tricking an internet-connected light bulb into accepting a computer worm that can then spread malicious software to other neighbouring bulbs within the network, the hackers can hack these bulbs.
Researchers have discovered that there is a weakness in the common wireless radio protocol called ZigBee that is often used in other smart home devices as well.
The infected worm then spreads by jumping directly from one lamp to its neighbors through the built-in ZigBee wireless connectivity. The attack can start by plugging in a single infected bulb anywhere in the city, and catastrophically spread everywhere within minutes, enabling the attacker to turn all the city lights on or off, permanently brick them, or exploit them in a massive DDoS attack.
Below is the video showing how researchers take control of light bulbs at the Weizmann Institute of Science facility and cause them to flicker by driving a car 70m away.