Security researchers at Proofpoint have uncovered the very first wide-scale hack that involved television sets and at least one refrigerator. Yes, a fridge.
This is being hailed as the first home appliance “botnet” and the first cyberattack from the Internet of Things.
A botnet is a series of computers that seem to be ordinary computers functioning in people’s homes and businesses, but are really secretly controlled by hackers. The Internet of Things is a new term in the tech industry that refers to a concept where every device in your house gets its own computer chip, software, and connection to the Internet: your fridge, thermostat, smart water meter, door locks, etc. To a hacker, they all become computers that can be hacked and controlled.
In this case, hackers broke into more than 100,000 everyday consumer gadgets, such as home-networking routers, connected multimedia centers, televisions, and at least one refrigerator, Proofpoint says. They then used those objects to send more than 750,000 malicious emails to enterprises and individuals worldwide.
In the press release, Proofpoint explains:
• The hack happened between December 23, 2013 and January 6, 2014, and featured waves of malicious email, typically sent in bursts of 100,000, three times per day, targeting enterprises and individuals worldwide.
• About three-quarters of the emails were sent by regular computers, but the rest, slightly more than one-quarter, were sent by hacked home appliances.
• Hackers didn’t have to be amazingly smart when breaking into home appliances. Many times they gained access because the home owners didn’t set them up correctly, or used the default password that came with the device.
Most homes are not yet a part of the Internet of Things, and looks like hackers will already be there to greet them when they arrive.