August 24, 2015

Smart Refrigerators Leave Gmail Logins Vulnerable to Exploits

Penetration testers have discovered an exploit that could potentially steal Gmail credentials of a user whose information is available in a Samsung smart fridge.

Security researchers have uncovered a man-in-the-middle (MiTM) vulnerability that leaves Samsung smart refrigerators open to an exploit that allows an attacker to steal the owner’s Gmail credentials, reports The Register.

The discovery came to light due to a contest facilitated by Samsung as an IoT (Internet of things) hacking challenge at the recently concluded DEF CON hacking conference.

The smart fridge is among a number of Samsung’s ‘Smart Home’ appliances that can be controlled using the Smart Home application. The RF28HMELBSR smart fridge implements SSL within its protocols but, crucially, fails to validate the SSL certificates. This leaves it vulnerable and open to MiTM attacks across a majority of its connections.
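As an added illustration (not code from the article, Samsung or Pen Test Partners), the client-side pattern that "implements SSL but fails to validate certificates" is shown beside a configuration that does validate, using Python's standard ssl module; `audit_context` is a constructed helper that flags the weak settings so they can be caught in code review or unit tests:

```python
import ssl
from typing import List, Optional


def insecure_client_context() -> ssl.SSLContext:
    """The weak pattern: the channel is encrypted, but any certificate is
    trusted, so a MiTM on the same Wi-Fi can present its own certificate
    and read whatever the client sends (here, the Gmail credentials)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE  # peer certificate is never verified
    return ctx


def validating_client_context(ca_bundle: Optional[str] = None) -> ssl.SSLContext:
    """The corrected pattern: verify the chain against the system trust
    store (or a pinned CA bundle file shipped with the device, if given)
    and check that the certificate matches the server name."""
    ctx = ssl.create_default_context(cafile=ca_bundle)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def audit_context(ctx: ssl.SSLContext) -> List[str]:
    """Return the reasons a client context would accept a MiTM certificate.
    An empty list means the context validates the peer properly."""
    findings: List[str] = []
    if ctx.verify_mode == ssl.CERT_NONE:
        findings.append("verify_mode=CERT_NONE: peer certificate is never checked")
    if not ctx.check_hostname:
        findings.append("check_hostname=False: a valid cert for any name is accepted")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("minimum_version below TLS 1.2: legacy protocol versions allowed")
    return findings


if __name__ == "__main__":
    for name, ctx in (("insecure", insecure_client_context()),
                      ("validating", validating_client_context())):
        print(name, audit_context(ctx) or ["ok"])
```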

Gmail Synced and Vulnerable

The fridge’s ‘smart features’ allow the appliance to download the user’s Gmail calendar to the display embedded in the refrigerator. If an attacker gains access to the same Wi-Fi network the fridge is connected to, the user’s Google account login credentials are at risk.

Ken Munro, a security researcher at UK-based security firm Pen Test Partners, explains:

“The Internet-connected fridge is designed to display Gmail Calendar information on its display.

“It appears to work the same way that any device running a Gmail calendar does. A logged-in user/owner of the calendar makes updates and those changes are then seen on any device that a user can view the calendar on.”

Penetration testers also attempted a firmware-based attack through the software update channels, unsuccessfully. However, examining the mobile app led to the discovery of another potential (still unconfirmed) vulnerability.

The researchers’ discovery of a file in the mobile application’s code led them to believe that it contained the certificate used to encrypt traffic between the smart fridge and the mobile application. While the certificate was correctly password-protected, the credentials appeared to be stored in an obfuscated form within the mobile application.

Essentially, if those credentials were recovered, the certificate’s password would be the next hurdle; with both, the certificate could be used to authenticate communications to the fridge wirelessly.

Samsung has released a statement to The Register in light of the Gmail vulnerability.

“At Samsung, we understand that our success depends on consumers’ trust in us, and the products and services that we provide. We are investigating into this matter as quickly as possible. Protecting our consumers’ privacy is our top priority, and we work hard every day to safeguard our valued Samsung users.”


About the author


LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagement experience while providing a strategic and integrated array of services to minimize risk and disruption while protecting your brand.
