Smart Plugs Used by Cyber Criminals to Break into Victims Property

This article has been indexed from E Hacking News – Latest Hacker News and IT Security News

Inexpensive intelligent connectors are a big threat to cybersecurity and can effectively be used by cybercriminals to hack anyone’s device or even gain entry to their residences, experts say. 

Usually, modern Internet-based devices can send data (using HTTPS) with stronger passwords and follow the appropriate safety practices using encrypted channels. Techradar reports that Sonoff and Ener-J smart plugs worked the opposite and that a large security issue was ready to be exploited. 

The security firm A&O IT Group documented its security analyses of two smart plugs, Sonoff S26 and Ener-J Wi-Fi, that are cheap and easily available at large. 

These smart connectors, which the customers will be able to purchase for just 10 dollars on Amazon, eBay, and AliExpress, can also be used to gain access to the Wi-Fi network of the targets by the hackers. This is because the router is communicated through port 80 via these devices, as well as because they have failed factory credentials, to send unencrypted HTTP traffic.

As soon as the attackers get Wi-Fi passwords, they can log in to the target network and do all sorts of activities from it: video and audio received from porters, insecure smart devices being regulated, confidential data downloaded, or even traffic monitoring from many other devices.