I know found a vulnerability that affects many types of smart devices, including security cameras and even baby monitors.
Its exploit allows an attacker to access live video and audio streams over the Internet and even take complete control of devices remotely.
What’s worse, it’s not limited to a single manufacturer; rather, it is part of a software development kit (SDK) that affects over 83 million devices and over 1 billion Internet connections per month.
The SDK in question is Through Tek Kalay, which offers a system to connect smart devices with their corresponding mobile apps. The Kalay platform mediates the connection between a device and its app, handles authentication, and sends commands and data back and forth.
An attacker who knows a device’s UID – which can be obtained through a social engineering attack or by looking for vulnerabilities on a particular vendor’s website – and who has some knowledge of the Kalay protocol can re-register the UID and basically hijack the connection device the next time someone legitimately tries to access the target device. The user will have a few seconds of delay, but then everything will work normally for him.
taking advantage of the failure, youAn attacker can see video streams in real time, allowing you to view confidential security footage or peek inside a baby’s crib. They could launch a denial of service attack against the cameras by turning them off. Or they might install malicious firmware on target devices.
Manufacturers incorporate Kalay into their productss, which can then be purchased by another company to be sold under a certain brand name. This means that although ThroughTek offers options that can be turned on to mitigate the failure, it’s hard to know exactly how many companies rely on Kalay and need to enable these features.
For users who already have vulnerable devices in their homes or businesses, there is not a complete list of affected devices to be scanned. They should simply install available software updates on their devices whenever possible.
However, realistically, fixes may never reach devices made by smaller companies, those who don’t invest much in security or those who buy their devices from private label suppliers and then brand them.
