Plugging a "smart" socket into your house may be the perfect Trojan horse for hackers.
According to researchers at anti-virus company Bitdefender, there's a certain smart plug with serious security flaws. The device isn't encrypted, it's "susceptible to malicious firmware updates" and it uses "weak default passwords" — which the company neglected to warn its users should be changed for heightened security, ZDNet reported.
For the uninitiated, a smart plug is an "Internet of Things" device that plugs into your outlet to monitor your energy consumption and automate your home by acting as a hub for your other internet-connected devices.
The researchers didn't specify in which device it discovered these security flaws, just that it was an "electrical outlet currently on the market." So if you have recently plugged one of these smart suckers into your walls, consider changing your password.
What do these security flaws mean? According to Bitdefender, it makes your entire connected home vulnerable to hackers, allowing an attacker to access the device itself as well as all the other ones connected to it on the same network.
"One of the most destructive actions an attacker can take is to rip off the existing software and plant malicious software in its place," Bitdefender researcher George Cabau told ZDNet. "For users, the consequences can extend to losing control of all their network-connected devices as they become weapons of attack in a cyber-criminal network, as well as to exposing their email accounts and their contents."
Yep — thanks to a poorly secured smart plug, your precious, once-private emails are now at a hacker's fingertips. And if you went wild with the smart home accessories, the aforementioned mystery plug could be a means to a hacker controlling your lights, coffeemaker, toaster, thermostat — and the beat goes on.