2 min read

Baby monitor hacked to snoop on mother breastfeeding

Filip TRUȚĂ

June 11, 2018

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Baby monitor hacked to snoop on mother breastfeeding

IP cameras are back in the IoT security news. Shortly after researchers found remote control vulnerabilities in Foscam security cameras, a mother from South Carolina called police to report that a hacker was watching her breastfeed through a baby monitor.

Jamie Summitt had bought the $34 Fredi Wireless cam off of Amazon chiefly for its ability to pan 360 degrees and send the video feed to the family’s smartphones, even when they’re away from home, over WiFi.

“All of a sudden I noticed out of the corner of my eye that the camera was moving…and it was panning over to our bed. The exact spot that I breastfeed my son every day. Once the person watching realized I was not in bed, he panned back over to Noah asleep in his bassinet,” Summitt wrote on Facebook in a warning to all parents who rely on baby monitors to keep tabs on their children.

The device was apparently very easy to hack, even though Summitt swapped the default password for a complex one. The improved password doesn’t rule out a potential brute force attack, but it may point to a different attack route, such as a vulnerability in the camera itself.

When Summitt called the North Charleston Police Department, the monitor’s app locked up, returning the error message “insufficient permissions,” suggesting the hacker bailed out and bricked the device to erase any trail.

“I feel so violated,” the mother wrote. “This person has watched me day in and day out in the most personal and intimate moments between my son and I. I am supposed to be my son’s protector and have failed miserably. I honestly don’t ever want to go back into my own bedroom.”

As we’ve written in the past, one of the primary faults with low-end IoT devices (i.e. Chinese knockoffs) is that many of them roll out of the factory without proper security checks. Because of this, the UK has issued a proposal for IoT vendors to secure their products “by design,” similar to how the EU’s GDPR asks data custodians to secure their systems and processes “by design and by default.” The UK hopes to soon draft a law based on its proposal.

tags


Author



Right now

Top posts

Ultimate Privacy Guide for Your Facebook Account

Ultimate Privacy Guide for Your Facebook Account

August 31, 2021

6 min read
7 Signs It’s Time to Use Parental Controls On Your Family’s Devices

7 Signs It’s Time to Use Parental Controls On Your Family’s Devices

August 27, 2021

2 min read
Your Netflix Account May Be on Sale on Darkweb. Protect It

Your Netflix Account May Be on Sale on Darkweb. Protect It

August 13, 2021

3 min read
E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

The Emergence of FiveSys, a Malicious Signed Rootkit The Emergence of FiveSys, a Malicious Signed Rootkit
Silviu STAHIE

October 21, 2021

1 min read
Top Reasons why People Are Not Using a Security Tool on Their Phone Top Reasons why People Are Not Using a Security Tool on Their Phone
Filip TRUȚĂ

October 21, 2021

2 min read
Internet Traffic Normalizes in 2021, Bitdefender Data Shows Internet Traffic Normalizes in 2021, Bitdefender Data Shows
Silviu STAHIE

October 21, 2021

2 min read