Smart TVs and even internet-enabled fridges have been hacked by cybercrooks to send out spam and malware.
According to research by IT security firm Proofpoint, criminals have managed to hack over 100,000 consumer gadgets and home devices to mount a spam campaign sending out over 750,000 unsolicited emails.
Among the devices used by criminals to send out spam were home internet routers, smart TVs, media players and at least one refrigerator. Proofpoint said that the cyberattacks from internet devices happened about three times a day and occurred between 23 December and 6 January.The emails sent out by TVs and fridges were designed to trick the recipient of the email into handing over their bank details.
The firm said that no more that 10 emails were sent from the devices and using this type of attack would make it more difficult to block by IT security software.
Proofpoint said that such devices in the home are often misconfigured and the use of default passwords on devices meant that hackers could easily infiltrate these devices to take them over and send out torrents of spam. In effect, hackers turns smart devices into an “Internet of Things”-style botnet. Proofpoint dubbed this network a “thingbot”.
“Bot-nets are already a major security concern and the emergence of thingbots may make the situation much worse” said David Knight, general manager of Proofpoint’s Information Security division.
“Many of these devices are poorly protected at best and consumers have virtually no way to detect or fix infections when they do occur. Enterprises may find distributed attacks increasing as more and more of these devices come on-line and attackers find additional ways to exploit them.”