This Is How Hackers Can Use Smart Bulbs to Spy on Your Wi-Fi Password

With the growing popularity of Internet of Things (IoT) devices, it has become crucial to implement stringent security and privacy policies for the safety of the users. That’s because IoT devices like smart bulbs connect to your Wi-Fi network and can pose a security threat. And in a recent turn of events, it seems like smart bulbs are much more prone to cyberattacks and if undetected, can cause serious impact.

Your Smart Bulb Can Expose Your Wi-Fi Password

Your Smart Bulb Can Expose Your Wi-Fi Password

Researchers from Italy and the UK were able to discover four critical vulnerabilities in thepopular L530E smart bulb from TP-Linkand in its proprietary Tapo app, as part of theirresearchon the potential security risks posed by smart IoT devices.

The study reveals that by using four critical flaws within the L530E smart bulb and the Tapo app, hackers can easily gain access to your Wi-Fi network andpotentially steal your Wi-Fi password.The bad actor can further modify the password and use it to manipulate other connected IoT devices and cause serious data and security breaches.

List of TP-Link Tapo L530 and Tapo App Vulnerabilities

After a thorough study, researchers from the Universita di Catania and the University of London were able to detect four key vulnerabilities within the Tapo L530 smart bulb and the Tapo app. These are:

Finally, the issue stems from the lack of checks for the freshness of received messages, keeping session keys valid for 24 hours, and allowing attackers to replay messages during that period.

What Is the Solution to this Smart Bulb Vulnerability?

Following the revelations of the research paper, TP-Link has shared anofficial statementwhere it has acknowledged the research findings and has subsequently revealed that anew firmware and app updateto fix the four vulnerabilities has already been rolled out. You can update the Tapo App from theGoogle Play Storeand the iOSApp Store.

To update the L530 smart bulb, visit theTP-Link support page. Find the list of affected smart bulbs attached below. So, if you own the Tapo L530 smart bulb, make sure to update the device firmware and the Tapo app on a priority.

Siddhartha Samaddar

A curious being who is fascinated by the world of tech and literature alike. Always in the lookout for the “next big thing” in software. In my free time you can find me either trying my hand at gaming or daydreaming about my “ideal gaming setup.”

Add new comment

Name

Email ID

Δ

01