Several companies like Google, Samsung and TP-Link manufacture a wide range of smart plugs, light bulbs and sockets. As with most name-brand products, these tend to be of higher quality than the unknowns. Technology used inside smart gadgets isn’t that complex either, which has spurred an industry for cheaper plugs and lights. But cheaper doesn’t mean that it’s made to the same standard — especially when it needs to connect to your home’s Wi-Fi network. In fact, some are downright dangerous.

Here’s the backstory

Security firm A & O IT Group analyzed several smart plugs and discovered that some could harbor unseen threats to your home network. Most people won’t think for a second that hackers can access their network through a connected plug behind the couch. But that is exactly what the company unveiled. Before running several tests to determine how secure a smart plug really is, A & O immediately found a flaw. The default passwords for the devices they tested, the Sonoff S26 and the Ener-J WiFi, were extremely weak. And that was just the start. They also discovered that:

Malicious firmware could be installed on the units.Unencrypted traffic between the smart plugs and mobile devices.Easy to capture the credentials of the network.Weak default passwords like 12345678.

Once an attacker breached the network, they can connect to other devices in your home and view your photos, videos and personal details.

Beware before you buy

Most of the products available, including the two devices from the test, are easily bought online. This poses a huge threat for consumers, as hackers can modify the devices and resell them. “Cyber criminals could very easily buy thousands of these devices, install malicious firmware, and list them on eBay for a little cheaper than the other suppliers. Every one of them purchased would then provide access to a new Wi-Fi network from which they could launch cyberattacks without the fear of being caught,” explains Richard Hughes, head of technical cybersecurity at A&O IT Group. Not sure what to do now? There are safer plugs on the market which we recommend:

Keep reading

Review: An affordable outdoor smart plug that ticks all the boxes Warning! These smart plugs can be hacked and start fires