Anti-Malware Research IoT Research Whitepapers

When the Lights Go Out: Cracking the Sonoff / eWeLink Platforms

Smart lighting and automation have opened up tremendous opportunities in residential architecture and design. Whether in plain sight or hidden under drywall, these convenient and relatively inexpensive intelligent outlets and switches can act as a entry points for bad actors or can be hijacked for fun and profit.

This is the case with a vulnerability discovered in the ITEAD Sonoff / eWeLink platform-as-a-service that manages remote control and connectivity between smart switches, relays, or outlets and the software applications controlling them.

Using this vulnerability, a potential attacker can gain control of random devices and remotely access any functionality they offer.

If you want to learn more, please download the full whitepaper below:

Download the whitepaper

Our researchers are regularly inspecting IoT devices and platforms to identify vulnerabilities and develop new mitigations in the Bitdefender IoT Security Platform. This vulnerability was responsibly disclosed by Bitdefender to the affected vendor and the issue has already been fixed.

About the author

Avatar

Bogdan BOTEZATU

Bogdan Botezatu is living his second childhood at Bitdefender as director of threat research. When he is not documenting sophisticated strains of malware or planning removal tools, he teaches extreme sports such as surfing the web without protection or rodeo with wild Trojan horses. He believes that most things in life can be beat with strong heuristics and that antimalware research is like working for a secret agency: you need to stay focused at all times, but you get all the glory when you catch the bad guys.

Add Comment

Click here to post a comment