A new report from security researchers alleges that Amazon Ring doorbells have exposed users’ home Wi-Fi passwords to hackers.
TechCrunch reports that security researchers at Bitdefender have claimed that Amazon Ring doorbells were sending users Wi-Fi passwords in cleartext as the doorbell joins the home network. This would allow hackers to intercept the Wi-Fi password and gain access to users’ local network.
Bitdefender stated: “When first configuring the device, the smartphone app must send the wireless network credentials. This takes place in an unsecure manner, through an unprotected access point. Once this network is up, the app connects to it automatically, queries the device, then sends the credentials to the local network.”
All of this happens over an unencrypted connection which exposes the Wi-Fi password being sent over the air. The vulnerability was reportedly fixed by Amazon in September but the vulnerability was only recently disclosed. read more