Monday, January 20, 2025
HomeInternet30,000 Hot Bathtubs are vulnerable to Remote Attack by Hackers

30,000 Hot Bathtubs are vulnerable to Remote Attack by Hackers

Published on

SIEM as a Service

Follow Us on Google News

Researchers discovered a serious flaw in more than 30,000 IoT connected bathtubs that can be authenticated by remote attackers to control the vulnerable tub located in your home.

Ceri Coburn , a company that offers a mobile app as a Water App that controlling more than 30,000 hot tubs.

The App allows the user to control their tub using various app controls including heat it and turn it off when you’re not using it.

An investigation that conducted by researchers revealed that the app
didn’t seem to authenticate users so they aim to dig into the deep by reversing the app and its control with Tub.

Pentesting the Tub connectivity with app

Ceri app is connected with Wi-Fi access point on the tub. same as most of the IoT devices, mobile app can connect as a client and control the tub locally.

According to pentestpartners, ” it can also configure the tub controller to be a client on your home network, so remote control from anywhere is possible through an API. Hence, we can geo-locate hot tubs on https://wigle.net â€“ simply search for : https://wigle.net/search?ssidlike=BWGSpa%25 and you’ll find the tubs that were still in AP mode when geo-located. “

In this connected there is no PSK assigned with AP that leads to anyone can stand near the home and connected with hot tub and control it.

Along with this researchers found that there was no authentication was defined with API also the app using  cloud service from iDigi for control.

Further investigation reveal that the app cloud login credentials are authenticate with plaintext.

bathtubs

According to pentestpartners, someone can mess around with your hot tub. It’s hardly nation state grade ransomware, but it was damn good fun finding and exploiting this vulnerability on ours and Ceri’s hot tub.

“However, there is a more serious side: it’s easy to turn your temperature down so your tub becomes unusable. It’s also easy to heat it continuously, wasting electricity.”

Blowers are also only turned on when someone is in the tub, so the hacker can figure out if you’re in the tub at the time, Researchers said.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Multiple Azure DevOps Vulnerabilities Let Inject CRLF Queries & Rebind DNS

Researchers uncovered several significant vulnerabilities within Azure DevOps, specifically focusing on potential Server-Side Request...

Hackers Weaponize npm Packages To Steal Solana Private Keys Via Gmail

Socket’s threat research team has identified a series of malicious npm packages specifically designed...

Hackers Weaponize MSI Packages & PNG Files to Deliver Multi-stage Malware

Researchers have reported a series of sophisticated cyber attacks aimed at organizations in Chinese-speaking...

New IoT Botnet Launching Large-Scale DDoS attacks Hijacking IoT Devices

Large-scale DDoS attack commands sent from an IoT botnet's C&C server targeting Japan and...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

More like this

Multiple Azure DevOps Vulnerabilities Let Inject CRLF Queries & Rebind DNS

Researchers uncovered several significant vulnerabilities within Azure DevOps, specifically focusing on potential Server-Side Request...

New IoT Botnet Launching Large-Scale DDoS attacks Hijacking IoT Devices

Large-scale DDoS attack commands sent from an IoT botnet's C&C server targeting Japan and...

Researchers Used ChatGPT to Discover S3 Bucket Takeover Vulnerability in Red Bull

Bug bounty programs have emerged as a critical avenue for researchers to identify vulnerabilities...