Close Menu
TechBrunchTechBrunch
  • Home
  • AI
  • Apps
  • Crypto
  • Security
  • Startups
  • TechCrunch
  • Venture

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

What's Hot

One of Elon Musk's longtime VCS is suing his former employer after allegedly fired

May 8, 2025

Korean telephone giant SKT data breaches timeline

May 8, 2025

AppFigures: Apple earned more than $10 billion from its US App Store commission last year

May 8, 2025
Facebook X (Twitter) Instagram
TechBrunchTechBrunch
  • Home
  • AI

    OpenAI seeks to extend human lifespans with the help of longevity startups

    January 17, 2025

    Farewell to the $200 million woolly mammoth and TikTok

    January 17, 2025

    Nord Security founder launches Nexos.ai to help enterprises move AI projects from pilot to production

    January 17, 2025

    Data proves it remains difficult for startups to raise capital, even though VCs invested $75 billion in the fourth quarter

    January 16, 2025

    Apple suspends AI notification summaries for news after generating false alerts

    January 16, 2025
  • Apps

    AppFigures: Apple earned more than $10 billion from its US App Store commission last year

    May 8, 2025

    Instagram thread gets video ads

    May 8, 2025

    Google deploys AI tools to protect Chrome users from fraud

    May 8, 2025

    Match to lay off 13% of staff

    May 8, 2025

    Apple tries to delay ruling that it will prohibit cutting payments for external apps

    May 8, 2025
  • Crypto

    Stripe unveils AI Foundation model for payments, revealing a “deeper partnership” with Nvidia

    May 7, 2025

    Movie Pass explores the daily fantasy platform of film buffs

    May 1, 2025

    Speaking on TechCrunch 2025: Application is open

    April 24, 2025

    Revolut, a $45 billion Neobank, recorded a profit of $1 billion in 2024

    April 24, 2025

    The new kids show will come with a crypto wallet when it debuts this fall

    April 18, 2025
  • Security

    Korean telephone giant SKT data breaches timeline

    May 8, 2025

    Powerschool paid the hacker ransom, but now the school says it's being forced

    May 8, 2025

    VC Company Insight Partners Review Personal Data Stolen During a January Hack

    May 8, 2025

    Crowdstrike says it will fire 500 workers

    May 7, 2025

    Ox Security lands fresh $60 million to scan code vulnerabilities

    May 7, 2025
  • Startups

    7 days left: Founders and VCs save over $300 on all stage passes

    March 24, 2025

    AI chip startup Furiosaai reportedly rejecting $800 million acquisition offer from Meta

    March 24, 2025

    20 Hottest Open Source Startups of 2024

    March 22, 2025

    Andrill may build a weapons factory in the UK

    March 21, 2025

    Startup Weekly: Wiz bets paid off at M&A Rich Week

    March 21, 2025
  • TechCrunch

    OpenSea takes a long-term view with a focus on UX despite NFT sales remaining low

    February 8, 2024

    AI will save software companies' growth dreams

    February 8, 2024

    B2B and B2C are not about who buys, but how you sell

    February 5, 2024

    It's time for venture capital to break away from fast fashion

    February 3, 2024

    a16z's Chris Dixon believes it's time to focus on blockchain use cases rather than speculation

    February 2, 2024
  • Venture

    One of Elon Musk's longtime VCS is suing his former employer after allegedly fired

    May 8, 2025

    Sequoia leads a $1.5 billion tender offer for sales automation startup clay

    May 8, 2025

    Bosch Ventures is turning attention to North America with a new $270 million fund

    May 8, 2025

    A comprehensive list of 2025 tech layoffs

    May 7, 2025

    Kapor Capital's managing partner Ulili Onovakpuri has left the company

    May 7, 2025
TechBrunchTechBrunch

Researchers find that popular video door phones can be easily hijacked

TechBrunchBy TechBrunchFebruary 29, 20244 Mins Read
Facebook Twitter Pinterest Telegram LinkedIn Tumblr WhatsApp Email
Share
Facebook Twitter LinkedIn Pinterest Telegram Email


Some Internet-connected doorbell cameras have security flaws that allow hackers to take control of them with the simple press of a button, among other problems, according to a Consumer Reports investigation.

On Thursday, the nonprofit Consumer Reports released a study that detailed four security and privacy flaws in cameras made by Shenzhen, China-based EKEN. The company makes cameras under the EKEN brand, but apparently also makes cameras under Tuck and other brands.

These relatively inexpensive doorbell cameras were available on online marketplaces like Walmart and Tem, but were discontinued after Consumer Reports contacted the companies to report the issue. However, these doorbell cameras are still available elsewhere.

According to Consumer Reports, the most impactful issue is that when someone approaches an EKEN doorbell camera, they can simply download the official app called Aiwit and put the camera into pairing mode, giving them “full control” over the doorbell camera. It's possible. All he has to do is press and hold the doorbell button for 8 seconds. Aiwit's app has been downloaded more than 1 million times on Google Play, which shows that it is widely used.

At that point, a malicious user can create their own account on the app and scan the QR code generated by the app by holding it in front of the doorbell's camera. According to Consumer Reports, this process allows a malicious user to add a doorbell to their account, allowing the malicious user to “take control of devices that were originally associated with the homeowner's user account. “It will become like that.”

According to testing conducted by Consumer Reports, one mitigating factor is that once this process is finished, the camera owner will receive a warning email saying, “Ownership of your Aiwit device has changed.”

Other issues highlighted by the non-profit organization include doorbells broadcasting the owner's IP address over the Internet, as well as still images taken by the camera, allowing anyone to access the app without the need for a password. But you can also intercept and see the unencrypted name of the local Wi-Fi network that your doorbell connects to over the Internet.

According to Consumer Reports, EKEN did not respond to emails reporting these issues. EKEN did not respond to TechCrunch's request for comment.

Despite these flaws and Consumer Reports' warnings about online markets, doorbells continue to be sold on Amazon, Sears, and Shein.

Spokespeople for Amazon, Sears, and Shein did not respond to TechCrunch's requests for comment.

After the company received a warning from Consumer Reports on February 5, Tem Inc., which sells doorbells, “took immediate action and stopped selling identified doorbell camera models branded Tuck and Eken.'' There was a pause,” he said. We have initiated a thorough review of these products to ensure they comply with FCC regulations and other relevant standards. ”

Temu spokesperson Tori Schubert said in an email: “Following the receipt on February 28 of additional information regarding security vulnerabilities related to products manufactured by Eken Group Ltd using the Aiwit app, our company We took swift action and removed all related products from our platform.”

Walmart spokesperson John Forrest told TechCrunch in an email that the retail giant has removed EKEN and Tuck doorbells from sale. However, Consumer Reports claimed that a similar doorbell, possibly the white label EKEN doorbell, is still available at Walmart.

After TechCrunch shared a list of the five reported on Consumer Reports with Walmart, Forrest said the company removed three of the five, and two have already been removed.

This research shows that consumers once again have a way to know whether their internet-connected smart devices are taking appropriate privacy and security measures online. And until someone outside, like Consumer Reports in this case, points out that a product is unsafe, online marketplaces can't be trusted to vet what they sell.



Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Korean telephone giant SKT data breaches timeline

May 8, 2025

Powerschool paid the hacker ransom, but now the school says it's being forced

May 8, 2025

VC Company Insight Partners Review Personal Data Stolen During a January Hack

May 8, 2025

Crowdstrike says it will fire 500 workers

May 7, 2025

Ox Security lands fresh $60 million to scan code vulnerabilities

May 7, 2025

NSO Groups must pay WhatsApp more than $167 million in damages for Spyware Campaign

May 6, 2025

Leave A Reply Cancel Reply

Top Reviews
Editors Picks

7 days left: Founders and VCs save over $300 on all stage passes

March 24, 2025

AI chip startup Furiosaai reportedly rejecting $800 million acquisition offer from Meta

March 24, 2025

20 Hottest Open Source Startups of 2024

March 22, 2025

Andrill may build a weapons factory in the UK

March 21, 2025
About Us
About Us

Welcome to Tech Brunch, your go-to destination for cutting-edge insights, news, and analysis in the fields of Artificial Intelligence (AI), Cryptocurrency, Technology, and Startups. At Tech Brunch, we are passionate about exploring the latest trends, innovations, and developments shaping the future of these dynamic industries.

Our Picks

One of Elon Musk's longtime VCS is suing his former employer after allegedly fired

May 8, 2025

Korean telephone giant SKT data breaches timeline

May 8, 2025

AppFigures: Apple earned more than $10 billion from its US App Store commission last year

May 8, 2025

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

© 2025 TechBrunch. Designed by TechBrunch.
  • Home
  • About Tech Brunch
  • Advertise with Tech Brunch
  • Contact us
  • DMCA Notice
  • Privacy Policy
  • Terms of Use

Type above and press Enter to search. Press Esc to cancel.