Hack Wi-Fi passwords from LED bulbs

A group of white-hat hackers have found a way to get free Wi-Fi passwords by hacking LED lights with the same network connection.

According to Arstechnica , security vulnerabilities were discovered in smart light bulbs in the LIFX system, which can be turned on / off and adjusted via iOS and Android devices.

Arstechnica editor Lee Hutchinson has just said that Philips Hue LED bulbs have been programmed and controlled in the LIFX system as a trigger for attacks on Wifi networks. Smart light bulbs are part of smart home trends. Manufacturers have brought home appliances to the network so that users can control them remotely via smartphones, computers and other networked devices.

According to a blog post published last weekend, LIFX has updated software to patch vulnerabilities using smart light control. Security vulnerabilities detected by Context security experts allow hackers to obtain Wi-Fi network passwords within a distance of 30 meters.

The lamp will carry out information exchange through a network system supported by 6LoWPAN, wireless technology built on IEEE 802.15.4 standards . With wifi passwords encrypted with AES ( Advanced Encryption Standard ), hackers can attack and obtain Pre-shared Key and words, then proceed to decrypt the data. Arstechnica believes that security for LIFX smart bulbs with Firmware 1.1 is not enough to resist hackers' attacks.

For its part, LIFX announced that it would respond to Context's reports and release a software patch. The company will release Firmware version 1.3 to encrypt all 6LoWPAN traffic and ensure a better connection with the lights on the network. However, updating the software for these devices is not as simple as with smartphones / tablets, which is a difficult and complicated process.

Current Internet of Things ( IoT ) devices such as refrigerators, air conditioners, TVs and routers with Internet connections have been proven to be able to expose users' personal data, and concerns. Security will now be expanded with LED bulbs. Large technology firms such as Microsoft, Apple and Google have devoted large resources to ensure their resources and services are safe. Therefore Internet of Things device manufacturers also need to invest more in the security aspect to ensure information security in their devices.