Your WeMo Smart Home Device May Be Spying On Your Android Phone

Mobile devices can be hacked in a wide variety of ways. Smart home devices were never a real threat up until this point, but that situation has changed. WeMo smart home devices are adequately capable of spying on Android phones. This is a very worrisome development, and it does not appear that there is a solution available to address this problem.

Smart Home Devices Are Far From Safe To Use

As if the threat of malicious Internet of Things devices is not troublesome enough, security researchers continue to discover new flaws and vulnerabilities. With WeMo smart devices being capable of spying on Android phones, things have taken a drastic turn for the worse. Attackers are, in theory, able to exploit WeMo’s Android app and cause havoc.

Thankfully, parent company, Belkin, has already released a software update to address this problem. It is still up to individual WeMo device owners to flash this update manually, though, as Belkin cannot enforce this process. The update process itself, however, can easily be manipulated by the same hackers who abuse the app’s access to begin with.

It is possible to entirely kill the software update process if the smart home device has been infected already. Even if Belkin were to deliver more security updates over time, there is no guarantee that the device will ever receive them. This type of practice is not uncommon where IoT devices are concerned, though.




Unfortunately, there is even more bad news for WeMo device owners. Security researchers unveiled an SQL vulnerability that could grant assailants complete administrator access to the device in question. By executing an SQL injection, hackers can take over control of the smart home device and do as they see fit.

It is evident that both the WeMo app, as well as the devices, have multiple vulnerabilities that need to be addressed sooner rather than later. Such flaws should never be present to begin with, particularly not in hardware that has been deployed on a global scale. This once again goes to show that Internet of Things devices are in the very early stages, and installing such hardware at home is a precarious endeavor.

WeMo devices have been dealing with security flaws since 2014. The firmware update system in particular is prone to attacks, although Belkin claims that most of these issues were fixed at that time. It looks as if the team will need to go back to the drawing board and come up with a more secure business model to protect consumers from harm.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.