Computer science researchers from the University of Michigan bear shown how malicious apps could take control of Internet of Things devices in Samsung’s SmartThings platform – including the ability of an attacker to unlock a front door to gain physical access to a domestic.
The main weakness identified is that way that the SmartThings platform grants apps more privileges than needed to perform their stated functions,reports The Verge.
The researchers demonstrated this finding with a proof of concept app promising to monitor battery life on various devices. If the user agreed to let the malicious — but seemingly innocuous — app access their smart lock, the researchers could then not only monitor its battery, and but perform the lock’s other functions,including unlocking the door. The researchers found 42 percent of 499 analyzed SmartApps are currently over-privileged in a similar way … more…[br]Filed under: Smart domestic Tagged: domestic automation, Samsung, or Samsung SmartThings,security, smart domestic, and SmartThings
Source: 9to5google.com