Philips smart bulbs hacked using a drone (video)

Posted on Wednesday, November 09 2016 @ 15:06 CET by Thomas De Maesschalck
Canadian security researchers uploaded a video demonstration of how they were able to hack Philips Hue LED lights using a drone. By exploiting a bug in the ZigBee Light Link Touchlink system, the hackers were able to remotely control the smart bulbs and made them blink SOS in Morse code.

The attack was performed via the drone, which was able to bypass all security measures of the networked light bulbs from more than a thousand feet away. Furthermore, the security researchers were able to install malicious firmware that blocks further wireless updates, making an infection as good as irreversible without a costly recall:
“There is no other method of reprogramming these [infected] devices without full disassemble (which is not feasible). Any old stock would also need to be recalled, as any devices with vulnerable firmware can be infected as soon as power is applied,” according to the researchers.
PC World suggests this isn't entirely harmless as it could be used to trigger epileptic seizures in vulnerable people, or another nefarious use could be to plunge buildings into darkness.



The researchers informed Philips of the vulnerability, which plugged the bug in October. This is once again a reminder that a lot of these new Internet of Things devices are in desperate need of better security.


About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.



Loading Comments