Hackers have come after your phone, your computer, and your car. Now hackers are coming after your home refrigerators, Smart TVs, and eventually KETTLES.
Yes, your kettle turns out good for more than just heating up water or making coffee for you– they are potentially a good way for hackers to breach your wireless network.
Ken Munro, a security researcher at PenTest Partners, has managed to hack into an insecure iKettle, which was proclaimed "the world's first Wi-Fi kettle" by its developers, and stolen a home's Wi-Fi password. Besides boiling water, the iKettle can connect to a user's home Wi-Fi network. It also comes inbuilt with an Android and iOS app that allows the user to switch on the kettle and boil the water from other location. However, the biggest security flaw resides in the Android iKettle app that keeps the kettle's password as the default value.
The iOS iKettle app sets a six-digit code, but that can still be broken. This security vulnerability, according to the researcher, could allow hackers to crack the password of your home WiFi network to which the kettle is connected.
How to Hack WiFi Password vai iKettle?
To demonstrate the hack, Munro used a directional antenna aiming at the target house where an iKettle is used. This forced the iKettle into dropping its current Wi-Fi network and tricking the kettle into connecting to Munro's unencrypted Wi-Fi network.
The iKettle connected to the unencrypted Wi-Fi network using the same name and password for the original encrypted Wi-Fi network. Once Munro hijacked the Wi-Fi connection, he and his co-workers were able to convince the iKettle to give the key for the encrypted network by sending just two commands via Telnet. The little kettle even handed Munro the encrypted key in plain text.
Munro along with his co-workers recently presented their research in London to show how Internet of Things (IoT) could be an easy target for hackers. Hopefully, their work will encourage IoT companies to focus on securing their devices and remind consumers of connected devices to think twice before connecting another device to their networks. Earlier security researchers discovered a potential way to steal users Gmail credentials from a Samsung smart fridge.