August 24, 2015 by

Smart Refrigerators Leave Gmail Logins Vulnerable to Exploits

Penetration testers have found a flaw in a Samsung smart fridge that could let an attacker steal the Gmail credentials of the user whose calendar is linked to the appliance.

Security researchers have uncovered a certificate-validation flaw in a Samsung smart refrigerator that exposes it to man-in-the-middle (MiTM) attacks, through which an attacker could steal the owner’s Gmail credentials, The Register reports.

The discovery was made during a Samsung-sponsored IoT (Internet of Things) hacking challenge at the recently concluded DEF CON hacking conference.

The fridge is one of a number of Samsung ‘Smart Home’ appliances that can be controlled through the Smart Home application. The RF28HMELBSR model does use SSL for its connections but, crucially, it does not validate the certificate the remote server presents. Because the fridge accepts any certificate, an attacker positioned between the fridge and the Internet can present one of his own and decrypt the traffic, which leaves most of the fridge’s connections open to MiTM attacks.

Gmail Synced and Vulnerable

One of the fridge’s ‘smart features’ downloads the user’s Gmail calendar to the display embedded in the refrigerator door. Because the connection to Google is not validated, an attacker on the same Wi-Fi network as the fridge can intercept that connection and capture the user’s Google account login credentials.
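The following Go program is an added example, not code from the original article, from Samsung or from Pen Test Partners, and the fridge’s real client code is not public. It stands up a local TLS server with a self-signed certificate (the one Go’s httptest package ships, valid for 127.0.0.1) to play the attacker’s interception point, then sends the same calendar request from three clients: one that skips certificate validation the way the fridge is described as doing, one that validates against the system trust store, and one that pins a single known certificate. The Authorization header, the endpoint name and the calendar body are all constructed for the demonstration.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
)

// fakeAuthHeader is a constructed credential standing in for whatever the
// fridge sends to the calendar service; it is not a real token.
const fakeAuthHeader = "Basic ZnJpZGdlQGV4YW1wbGUuY29tOmh1bnRlcjI="

// calendarBody is a constructed, minimal iCalendar response.
const calendarBody = "BEGIN:VCALENDAR\r\nEND:VCALENDAR\r\n"

// ScenarioResult records what happened when three differently configured
// clients talked to the same server that presents an untrusted certificate.
type ScenarioResult struct {
	LeakedAuthHeader string // captured by the server when the client skipped validation
	ValidationErr    error  // handshake error the validating client got instead of a connection
	PinnedBody       string // response received by the client that pins the genuine certificate
}

// startInterceptor stands in for an attacker's MiTM endpoint: a TLS server
// presenting a self-signed certificate that no public CA has issued. It
// records any Authorization header it receives, which is what an interceptor
// would harvest.
func startInterceptor() (*httptest.Server, *string) {
	captured := new(string)
	srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		*captured = r.Header.Get("Authorization")
		io.WriteString(w, calendarBody)
	}))
	return srv, captured
}

// fetchCalendar is the client side: one HTTPS GET carrying the credential,
// using whatever TLS configuration the caller supplies.
func fetchCalendar(url string, cfg *tls.Config) (string, error) {
	client := &http.Client{Transport: &http.Transport{TLSClientConfig: cfg, DisableKeepAlives: true}}
	req, err := http.NewRequest("GET", url, nil)
	if err != nil {
		return "", err
	}
	req.Header.Set("Authorization", fakeAuthHeader)
	resp, err := client.Do(req)
	if err != nil {
		return "", err
	}
	defer resp.Body.Close()
	body, err := io.ReadAll(resp.Body)
	return string(body), err
}

// fridgeStyleConfig reproduces the flaw described above: TLS is negotiated,
// but the peer certificate is never checked, so any certificate is accepted.
func fridgeStyleConfig() *tls.Config {
	return &tls.Config{InsecureSkipVerify: true}
}

// validatingConfig is Go's default: build a chain to the system trust store
// and check the hostname, which a self-signed interceptor cannot satisfy.
func validatingConfig() *tls.Config {
	return &tls.Config{}
}

// pinnedConfig trusts exactly one certificate, the one the genuine backend is
// known to present; a common choice for an embedded device with a fixed peer.
func pinnedConfig(cert *x509.Certificate) *tls.Config {
	pool := x509.NewCertPool()
	pool.AddCert(cert)
	return &tls.Config{RootCAs: pool}
}

// RunScenario drives all three clients against the same local server.
func RunScenario() (ScenarioResult, error) {
	srv, captured := startInterceptor()
	defer srv.Close()
	var res ScenarioResult

	// 1. Fridge-style client: the handshake succeeds and the credential is handed over.
	if _, err := fetchCalendar(srv.URL, fridgeStyleConfig()); err != nil {
		return res, fmt.Errorf("unvalidated client unexpectedly failed: %w", err)
	}
	res.LeakedAuthHeader = *captured

	// 2. Validating client: the handshake is refused before any HTTP is sent.
	*captured = ""
	_, res.ValidationErr = fetchCalendar(srv.URL, validatingConfig())
	if *captured != "" {
		return res, fmt.Errorf("validating client leaked the credential")
	}

	// 3. Pinned client: here the local server's own certificate is pinned, so it
	// plays the genuine backend and the fetch succeeds; an interceptor presenting
	// any other certificate would be refused exactly as in step 2.
	body, err := fetchCalendar(srv.URL, pinnedConfig(srv.Certificate()))
	if err != nil {
		return res, fmt.Errorf("pinned client failed: %w", err)
	}
	res.PinnedBody = body
	return res, nil
}

func main() {
	res, err := RunScenario()
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	fmt.Printf("no validation: server captured %q\n", res.LeakedAuthHeader)
	fmt.Printf("validation:    %v\n", res.ValidationErr)
	fmt.Printf("pinned:        %q\n", res.PinnedBody)
}
```

The only difference between the client that leaks the credential and the one that refuses the connection is the `InsecureSkipVerify` flag; the request, the credential and the server are identical. For a device that only ever talks to one backend, pinning the backend’s certificate (or its issuing CA) as in step 3 is the stronger fix, since it also excludes certificates issued by any other trusted CA.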

Ken Munro, a security researcher at UK-based security firm Pen Test Partners, explains:

“The Internet-connected fridge is designed to display Gmail Calendar information on its display.

“It appears to work the same way that any device running a Gmail calendar does. A logged-in user/owner of the calendar makes updates and those changes are then seen on any device that a user can view the calendar on.”

The penetration testers also attempted, without success, to attack the fridge through its firmware update channel. Examining the mobile app, however, led them to another potential (still unconfirmed) weakness.

A file found in the mobile application’s code appears to contain the certificate used to secure traffic between the smart fridge and the app. The certificate is password-protected, but the password itself appears to be stored inside the app, merely obfuscated rather than properly protected.

If that password can be recovered from the app, an attacker could use the certificate to authenticate his own communications to the fridge over the wireless network.

Samsung has released a statement to The Register in response to the finding.

“At Samsung, we understand that our success depends on consumers’ trust in us, and the products and services that we provide. We are investigating this matter as quickly as possible. Protecting our consumers’ privacy is our top priority, and we work hard every day to safeguard our valued Samsung users.”


About the author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.
