SafeUM
Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
TOP Security!
27 Aug 2015

Samsung smart fridge leaves Gmail logins open to attack

Security researchers have discovered a potential way to steal users’ Gmail credentials from a Samsung smart fridge.

Pen Test Partners discovered the MiTM (man-in-the-middle) vulnerability that facilitated the exploit during an IoT hacking challenge at the recent DEF CON hacking conference.

The hack was pulled off against the RF28HMELBSR smart fridge, part of Samsung’s line-up of Smart Home appliances which can be controlled via their Smart Home app. While the fridge implements SSL, it fails to validate SSL certificates, thereby enabling man-in-the-middle attacks against most connections. The internet-connected device is designed to download Gmail Calendar information to an on-screen display. Security shortcomings mean that hackers who manage to jump on to the same network can potentially steal Google login credentials from their neighbours.

"The internet-connected fridge is designed to display Gmail Calendar information on its display," explained Ken Munro, a security researcher at Pen Test Partners. "It appears to work the same way that any device running a Gmail calendar does. A logged-in user/owner of the calendar makes updates and those changes are then seen on any device that a user can view the calendar on."

"While SSL is in place, the fridge fails to validate the certificate. Hence, hackers who manage to access the network that the fridge is on (perhaps through a de-authentication and fake Wi-Fi access point attack) can Man-In-The-Middle the fridge calendar client and steal Google login credentials from their neighbours, for example." Pen Test Partners provides a walk-through of its various attempts to hack into the fridge in a blog post. It drove up several cul-de-sacs before discovering the way through to an exploit.
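The defect described above is a client that negotiates TLS but never checks who it is talking to. The Python block below is an added illustration, not code from Pen Test Partners, Samsung or the fridge firmware (which is not public); it builds the weak configuration beside the hardened one using only the standard `ssl` module, and adds an `audit_context` helper that flags the two settings a reviewer should look for in any TLS client. The `pinned_ca_file` argument and the finding codes are this example's own.

```python
"""Added example: a TLS client that skips certificate validation, the hardened
form, and an audit helper. The contexts here are constructed for illustration;
they are not the appliance's real client code."""
import ssl
from typing import List, Optional


def insecure_client_context() -> ssl.SSLContext:
    """Models the reported defect: TLS is negotiated, so traffic is encrypted,
    but any certificate the peer presents is accepted. A host on the same
    network answering in the server's place is therefore indistinguishable
    from the genuine calendar endpoint."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # must be cleared before CERT_NONE is permitted
    ctx.verify_mode = ssl.CERT_NONE  # the chain is never checked against any CA
    return ctx


def hardened_client_context(pinned_ca_file: Optional[str] = None) -> ssl.SSLContext:
    """What an embedded client should do: require a chain to a trusted CA, check
    that the certificate names the host it meant to reach, and refuse old TLS.
    An appliance that talks to a single vendor service can trust only the
    vendor's CA bundle (hypothetical path supplied by the caller) rather than
    the whole system store."""
    if pinned_ca_file is not None:
        # PROTOCOL_TLS_CLIENT defaults to CERT_REQUIRED and check_hostname=True
        ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
        ctx.load_verify_locations(cafile=pinned_ca_file)  # trust only the vendor CA
    else:
        ctx = ssl.create_default_context()  # CERT_REQUIRED, hostname check, system CAs
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def audit_context(ctx: ssl.SSLContext) -> List[str]:
    """Return a short code for each weakness found; an empty list means the
    context validates its peer the way the article says the fridge did not."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("no-chain-validation")  # any cert, self-signed included, is accepted
    if not ctx.check_hostname:
        findings.append("no-hostname-check")    # a valid cert for some other name is accepted
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("legacy-tls-allowed")
    return findings


if __name__ == "__main__":
    for name, ctx in (("fridge-style client", insecure_client_context()),
                      ("hardened client", hardened_client_context())):
        print(f"{name}: {audit_context(ctx) or 'ok'}")
```

The two settings the audit checks are independent: `verify_mode` controls whether the certificate chains to a trusted CA at all, and `check_hostname` controls whether a chain that does validate actually names the intended server. Either one disabled is enough for an interposed host on the local network to terminate the connection and read what the client sends, which is the whole of the attack the researchers describe.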

As the fridge is not yet available in Europe, the UK-based security consultancy ran out of time at DEF CON in its attempts to intercept communications between the fridge terminal and the software update server. Attempts to mount a firmware-based attack via customer updates also got nowhere. However, it had more luck when it pulled apart the mobile app, discovering a potential (but as yet unconfirmed) security problem in the process.

The name of a file found in a keystore in the mobile app’s code suggested that it contained the certificate used to encrypt traffic between mobile app and fridge. The certificate is correctly passworded, but the credential to the certificate appeared to be stored in the mobile app in an obfuscated form. If so, the next step would be to figure out the password, then use the certificate data to authenticate to the fridge and send commands to it over the air.

Pen Test Partners' Pedro Venda added: “We wanted to pull the terminal unit out of the fridge to get physical access to things like a USB port and serial or JTAG interfaces, but ran out of time. However, we still found some interesting bugs that definitely merit further investigation. The MiTM alone is enough to expose a user’s Gmail creds." The team at Pen Test Partners is doing more and more IoT security and hacking research of late. Back in February, it published research which revealed Samsung's smart TVs fail to encrypt voice recordings sent over the internet.

Samsung has contacted us to say that they were looking into the matter: "At Samsung, we understand that our success depends on consumers’ trust in us, and the products and services that we provide. We are investigating into this matter as quickly as possible. Protecting our consumers’ privacy is our top priority, and we work hard every day to safeguard our valued Samsung users.”

Tags:
Samsung information leaks Google Gmail
Source:
The Register