Beautiful Virgin Islands

Tuesday, Jun 03, 2025

More than 83 million smart devices, including baby monitors, at risk from hackers

More than 83 million smart devices, including baby monitors, at risk from hackers

Hackers could listen to and watch live audio and video feeds from smart cameras and baby monitors, due to a vulnerability being disclosed by Mandiant and the US Cybersecurity and Infrastructure Security Agency.
A critical vulnerability affecting more than 83 million smart devices, including smart cameras and baby monitors, could allow hackers to listen to and watch live audio and video feeds, it has emerged.

The flaw "poses a huge risk" to people's security and privacy said security company Mandiant, which is coordinating its disclosure with the US Cybersecurity and Infrastructure Security Agency (CISA).

While default passwords have prompted UK security services to warn consumers about criminal activity, the flaw discovered by Mandiant also affects devices which do not use default passwords.

According to Mandiant, the problem is in an IoT (Internet of Things) software protocol called Kalay, developed by Taiwanese company ThroughTek, which offers a platform to control smart devices from.

Before the coordinated disclosure was made, ThroughTek warned users to update their software to stop hackers accessing "sensitive information in transmission and on victim devices".

A similar vulnerability was discovered in the Kalay protocol by Nozomi Networks earlier this year, although Mandiant says its discovery is more severe, allowing attackers to remotely control affected devices as well as snoop on them.

Because the Kalay protocol is installed by both original equipment manufacturers (OEMs) and resellers before smart devices reach consumers, Mandiant said it couldn't determine a complete list of products affected.

However, the business - which is part of cyber security company FireEye - noted ThroughTek's website "reports more than 83 million active devices on the Kalay platform at the time of writing".

Back in 2014, the UK's data watchdog warned Britons that private webcam feeds were being streamed on a Russian website, using default logins and passwords to access the devices.

The British government plans to introduce a new law which will force OEMs and resellers of smart devices to meet minimum security requirements in the UK.

The government announced the Product Security and Telecommunications Infrastructure Bill during the Queen's Speech earlier this year, although this is not yet law.

Announcing the law earlier this year, digital infrastructure minister Matt Warman said: "We are changing the law to ensure shoppers know how long products are supported with vital security updates before they buy and are making devices harder to break into by banning easily guessable default passwords.

"The reforms, backed by tech associations around the world, will torpedo the efforts of online criminals and boost our mission to build back safer from the pandemic."

A spokesperson for the UK's National Cyber Security Centre (NCSC) said: "We are aware of this vulnerability and ThroughTek has released an update to fix the issue.

"Simply using the platform does not automatically make you vulnerable to real-world impact, as additional information that is hard to guess is needed to exploit the vulnerability in an individual device successfully.

"To maximise protection, the NCSC recommends individuals keep their software up to date by installing the latest vendor updates as soon as practicable."
Newsletter

Related Articles

Beautiful Virgin Islands
0:00
0:00
Close
Harvard Urges US to Unfreeze Funds for Public Health Research
Businessman Mauled by Lion at Luxury Namibian Lodge
Researchers Consider New Destinations Beyond the U.S.
53-Year-Old Doctor Claims Biological Age of 23
Trump Struggles to Secure Trade Deals With China and Europe
Russia to Return 6,000 Corpses Under Ukraine Prisoner Swap Deal
Microsoft Lays Off Hundreds More Amid Restructuring
Harvey Weinstein’s Publicist Embraces Notoriety
Macron and Meloni Seek Unity Despite Tensions
Trump Administration Accused of Obstructing Deportation Cases
Newark Mayor Sues Over Arrest at Immigration Facility
Center-Left Candidate Projected to Win South Korean Presidency
Trump’s Tariffs Predicted to Stall Global Economic Growth
South Korea’s President-Elect Expected to Take Softer Line on Trump and North Korea
Trump’s China Strategy Remains a Geopolitical Puzzle
Ukraine Executes Long-Range Drone Strikes on Russian Airbases
Conservative Karol Nawrocki wins Poland’s presidential election
Study Identifies Potential Radicalization Risk Among Over One Million Muslims in Germany
Good news: Annalena Baerbock Elected President of the UN General Assembly
Apple Appeals EU Law Over User Data Sharing Requirements
South Africa: "First Black Bank" Collapses after Being Looted by Owners
Poland will now withdraw from the EU migration pact after pro-Trump nationalist wins Election
"That's Disgusting, Don’t Say It Again": The Trump Joke That Made the President Boil
Trump Cancels NASA Nominee Over Democratic Donations
Paris Saint-Germain's Greatest Triumph Is Football’s Lowest Point
OnlyFans for Sale: From Lockdown Lifeline to Eight-Billion-Dollar Empire
Mayor’s Security Officer Implicated | Shocking New Details Emerge in NYC Kidnapping Case
Hegseth Warns of Potential Chinese Military Action Against Taiwan
OPEC+ Agrees to Increase Oil Output for Third Consecutive Month
Jamie Dimon Warns U.S. Bond Market Faces Pressure from Rising Debt
Turkey Detains Istanbul Officials Amid Anti-Corruption Crackdown
Taylor Swift Gains Ownership of Her First Six Albums
Bangkok Ranked World's Top City for Remote Work in 2025
Satirical Sketch Sparks Political Spouse Feud in South Korea
Indonesia Quarry Collapse Leaves Multiple Dead and Missing
South Korean Election Video Pulled Amid Misogyny Outcry
Asian Economies Shift Away from US Dollar Amid Trade Tensions
Netflix Investigates Allegations of On-Set Mistreatment in K-Drama Production
US Defence Chief Reaffirms Strong Ties with Singapore Amid Regional Tensions
Vietnam Faces Strategic Dilemma Over China's Mekong River Projects
Malaysia's First AI Preacher Sparks Debate on Islamic Principles
White House Press Secretary Criticizes Harvard Funding, Advocates for Vocational Training
France to Implement Nationwide Smoking Ban in Outdoor Spaces Frequented by Children
Meta and Anduril Collaborate on AI-Driven Military Augmented Reality Systems
Russia's Fossil Fuel Revenues Approach €900 Billion Since Ukraine Invasion
U.S. Justice Department Reduces American Bar Association's Role in Judicial Nominations
U.S. Department of Energy Unveils 'Doudna' Supercomputer to Advance AI Research
U.S. SEC Dismisses Lawsuit Against Binance Amid Regulatory Shift
Alcohol Industry Faces Increased Scrutiny Amid Health Concerns
Italy Faces Population Decline Amid Youth Emigration
×