Eken camera doorbells, a product manufactured by the Chinese company Eken Group Ltd, have recently come under scrutiny due to major vulnerabilities discovered by researchers from Consumer Reports (CR). These vulnerabilities could potentially allow ill-intentioned individuals to spy on unsuspecting users, giving them access to the footage from the devices or even complete control over them.

The CR researchers, Steve Blair and David Della Rocca, found that these doorbell cameras, sold under the EKEN and Tuck brands, as well as other seemingly identical brands, are all controlled through the same mobile app called Aiwit, which is owned by Eken. These devices are widely available through major retailers such as Amazon, Walmart, Shein, Sears, and Temu, with thousands being sold each month.

One of the critical vulnerabilities discovered by the researchers allows an attacker to create an account on the app and pair a nearby doorbell camera with another device, granting them access to view footage and potentially lock out the legitimate owner of the device. This raises serious concerns for individuals who may be targeted by stalkers or abusive partners seeking to surveil them through their connected devices.

Furthermore, some of the doorbell cameras analyzed by the researchers lack a visible ID issued by the Federal Communications Commission (FCC), which is a requirement for the sale of such products in the U.S. This oversight could potentially expose users to legal repercussions in addition to the security risks posed by the vulnerabilities.

In response to these findings, some online marketplaces like Walmart have taken steps to remove the flawed products from their catalog and offer refunds to customers who purchased them. However, as of now, the EKEN Smart Video Doorbell Camera Wireless devices are still available for purchase on Amazon, prompting calls for e-commerce platforms to take more responsibility in vetting sellers and addressing consumer complaints.

Justin Brookman, director of technology policy for CR, emphasized the importance of holding big e-commerce platforms like Amazon accountable for the products they sell, highlighting the need for stronger safeguards to protect consumers from faulty and potentially harmful electronics. The prevalence of insecure devices from Chinese manufacturers underscores the urgent need for stricter oversight and regulation to ensure the safety and privacy of users.

Overall, the discovery of these vulnerabilities in Eken camera doorbells serves as a stark reminder of the risks associated with internet-connected devices and the importance of thorough security assessments before deploying such products in our homes and businesses. As technology continues to advance, it is crucial for manufacturers, retailers, and consumers alike to prioritize security and privacy to prevent unauthorized access and potential harm.

Source link