HOUSEHOLDS with a cheap video doorbell have been urged to update their gadgets immediately to prevent a worrying security fault.
Experts from Consumer Reports claimed in February a series of budget brands had a flaw that allowed bad actors to view footage or control them completely.
They claimed the doorbells expose people’s IP addresses and their Wi-Fi network name to the internet without encryption, which risks opening networks to cyber criminals.
The affected products were sold on popular online marketplaces including Amazon, Temu and Walmart.
They were made by a Chinese company called Eken Group who have produced a number of home video camera devices under different brand names.
But they all use an app known as Aiwit.
Among the brands are:
- Eken
- Tuck
- Fishbot
- Rakeblue
- Andoe
- Gemee
- Luckwolf
Eken has now rolled out a fix that the US watchdog is satisfied addresses the issue.
“Eken has upgraded its firmware to version 2.4.1 or higher,” the company wrote on its website.
“We believe this update significantly enhances the security of data transmission.”
Updates should be available automatically but you can check for yourself within the app.
In a statement to Consumer Reports, an Eken rep added: “We appreciate the feedback from Consumer Reports and our valued customers.
“We are committed to continuously improving our products to ensure the highest standards of security and compliance and have undertaken significant work.”
Maria Rerecich, Consumer Reports’ senior director of product testing, said: “We’re pleased to see Eken fix the issues with its products in response to our findings.
“While we would prefer that products be safe and secure from their initial launch, the ability of our testing to uncover vulnerabilities results in better products for consumers.”
New law will force manufacturers to be more careful…
Analysis by Jamie Harris, Senior Technology and Science Reporter
As Consumer Reports says, products like these should be secure from the get-go.
And manufacturers will have to be even more careful from now on as new consumer protections against hacking and cyber-attacks came into force today in the UK.
Device makers for things like phones, TVs and smart doorbells are now required to implement minimum security standards against cyber threats.
The law bans companies from using easily guessable default passwords like ‘admin’ or ‘12345’ – and if there is a common password the user must be promoted to change it on start-up.
And manufacturers will also have to publish contact details so bugs and issues can be reported and dealt with.