Friday, January 31, 2025
HomeComputer SecurityHackers Can Exfiltrate & Transfer the Sensitive Data using Smart Bulbs Lights

Hackers Can Exfiltrate & Transfer the Sensitive Data using Smart Bulbs Lights

Published on

SIEM as a Service

Follow Us on Google News

A new research reveals that hackers can exfiltrate the sensitive data from the Smart Bulbs using lights as a channel and transfer the data from the compromised devices.

Smart bulbs are now widely available as home-based appliances that connected to the Internet and allow users to changes the color, remotely control it and users can schedule on and off times.

Few Months before In a similar research that connected smart light can be used as a covert-channel to exfiltrate the user’s private data by taking advantage of light emitted by modern smart bulbs.

Researchers tested the industries leading smart bulbs and take a look on Magic Blue smart bulb that available very less price in the market.

These bulbs are manufacturing by the Chinese company  Zengge and it is connected with a mobile application in order to users control the smart bulb.

In this case, researchers using different types of hardware and the main goal was to sniff the communication in between Bulb and the paired mobile application.

Sniffing & Exfiltrate the Data using Smart bulbs

Initially, Team of researchers paired the mobile phone with the right app and there are 4 hardware involved in this process of sniffing operation including 3 Ubertooth (aka uberteeth), Smart Bulb, Mobile Phone, Laptop.

Later they started changing the colors and meanwhile they also they connected 3 ubertooth dongles to their Linux machine where they getting the traffic and analyze them using Wireshark network analysis tool.

Under the process of reversing the mobile application, researchers used the adb tool to download the Android application and used jadx to analyze it to make sure changing colors are same as they found in sniffing apps.

According to checkmarxm, The main plan for exfiltration was to use light as a channel to transfer information from a compromised device to the attacker. Light can achieve longer distances, which was our goal. Imagine the following attack scenario: a BLE device (smartphone) gets compromised with malware. The malware steals the user’s credentials. The stolen information is sent to an attacker using a BLE light bulb nearby.

In this case, attackers receive an exfiltrated data using a smartphone and it will be connected to telescope in order to visible it widely.

Researchers created two apps, One for sending the exfiltrate the data and another one will receive the data.

Here the first app has 2 modes, normal and stealthy. Normal mode allows smart bulb exfiltration app which is visible to the human eye that helps to App scans for the vulnerable bulbs, sending the Payload and stealthy mode which helps to scan the vulnerable bulbs and Starts the loop of exfiltration data.

Researchers demonstrate the proof-of-concept in below Video:

“These methods will work on every smart bulb that allows control by an attacker. In the future, we would like to create a better proof of concept that allows us to test a database of vulnerable bulbs and even implement AI to learn and implement new bulbs along the way. “Researchers said.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Hackers Exploiting DNS Poisoning to Compromise Active Directory Environments

A groundbreaking technique for Kerberos relaying over HTTP, leveraging multicast poisoning, has been recently...

New Android Malware Exploiting Wedding Invitations to Steal Victims WhatsApp Messages

Since mid-2024, cybersecurity researchers have been monitoring a sophisticated Android malware campaign dubbed "Tria...

500 Million Proton VPN & Pass Users at Risk Due to Memory Protection Vulnerability

Proton, the globally recognized provider of privacy-focused services such as Proton VPN and Proton...

Arcus Media Ransomware Strikes: Files Locked, Backups Erased, and Remote Access Disabled

The cybersecurity landscape faces increasing challenges as Arcus Media ransomware emerges as a highly...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

More like this

Is this Website Safe: How to Check Website Safety – 2025

is this website safe? In this digital world, Check a website is safe is...

Firefox 133.0 Released with Multiple Security Updates – What’s New!

Mozilla has officially launched Firefox 133.0, offering enhanced features, significant performance improvements, and critical...

Digital Wallets Bypassed To Allow Purchase With Stolen Cards

Digital wallets enable users to securely store their financial information on smart devices and...