South Korea Uncovers Widespread Hacking In Smart Home Devices

South Korean tech website, IT Chosun, recently uncovered a nationwide security breach in which multiple smart home devices and cameras were hacked, resulting in footage being sold on dark web forums for 0.1 bitcoins ($A8024).

A screenshot from an English-speaking forum, obtained by the IT Chosun journalist, reads, “We hacked most of the apartments in South Korea. The video was extracted from the smart home device in the apartment.”

The message featured thumbnails of the illegal footage and concluded with the unknown author posting an email address for those interested in purchasing the footage.

IT Chosun said the hacker uploaded several images of nude men and women, as well as stills of people secretly recorded having sex.

The Korea Internet Security Agency have since alerted the police.

Deputy director of cybersecurity at the Ministry of Science and Technology, Kim Nam-Seung, told the South China Morning Post the incident was drawing national attention given private computers, phones and even wall pad devices had been breached.

“It also highlights the importance of users avoiding easy-to-guess passwords, regularly downloading security patch updates and using government-endorsed products with solid security walls,” he said.

In South Korea, most apartments are equipped with ‘smart intercoms’ which allow tenants to access CCTV to see who is at their door. However, this interconnectedness has clearly opened them up to a severe breach.

It follows years of South Korea reckoning with the consequences of its tech-savviness.

In 2019, police uncovered an illegal spying ring in which hundreds of unsuspecting hotel guests were secretly livestreamed by miniature cameras for online subscription-paying viewers.

Furthermore, a 90-page Human Rights Watch report published in June this year, highlighted the prevalence of digital sex crimes in South Korea.

This included miniature spycam installations in hotel rooms, bathrooms and public toilets, as well as the pervasive and unsolicited explicit image sharing, which resulted in severe mental…


Lorex Smart Home Security Center review: Self-monitor, no fees

The budget-priced Lorex Smart Home Security Center (model HC64A) consists of a touchscreen console, two indoor/outdoor cameras, and a Wi-Fi range extender. The system can be expanded with up to six additional cameras, as well as motion and door/window sensors and a video doorbell—provided they’re all manufactured by Lorex. But you’ll need to monitor this security system yourself, as there is no option to pay for professionals to do it for you.

Lorex offers this console in nine other kits with different combinations of cameras and sensors, ranging in price from $350 (two outdoor cameras, but no range extender) to almost $800 (four cameras, a floodlight cam, and a video doorbell). For this review, I augmented the HC64A kit with a USB-powered camera, a doorbell camera, and a motion detector.

Measuring 7.1 x 7.5 x 3.3-inches (HxWxD), the console will easily fit on any desk, kitchen counter, or even a bookshelf. Its fold-up antennas help bring in weak Wi-Fi signals, but they add 2.3 inches to its height. The center of attention is its angled 7-inch, 720p display that can show up to four video streams simultaneously.

three camera feeds on the lorex smart home console Brian Nadel / IDG

The Lorex Smart Home Security Center’s console supports up to eight cameras, but it can show only four video streams at once.

The system has a dual-band (2.4- and 5GHz) Wi-Fi adapter onboard, as well as a Bluetooth LE radio. It supports a variety of indoor and outdoor Lorex home security cameras, including a camera/floodlight combo. The company doesn’t sell door locks, thermostats, smoke detectors, or air-quality sensors, and the hub can’t connect to generic smart home devices that use the Zigbee or Z-Wave protocols. As such, it’s a better security camera system than it is an entire smart home system.

This Lorex hardware does work with Amazon Alexa and Google Home Assistant, but it can’t stream video directly to an Amazon Echo or Google Nest smart display. You can stream the camera feeds to a TV that has an Amazon Fire TV or Chromecast plugged into it. It isn’t compatible with Apple’s HomeKit ecosystem, and Lorex is not part of the Connectivity Standards Alliance’s Matter initiative to standardize smart…


South Korea boosts laws after hacker sells nude videos from smart home devices for bitcoin

  • Hundreds of apartment buildings across the country were targeted, with compromising footage of residents’ private lives sold on the dark web
  • The incident has prompted the government to strengthen cybersecurity rules to protect residents in a country where 63 per cent of people live in flats

South Korea is reviewing online security regulations after a hacker targeted hundreds of smart home devices and sold intimate video footage of residents on the dark web in exchange for bitcoin.

Alerted by the Korea Internet Security Agency to the case, police last week launched an investigation and confirmed hacked video footage from apartments across the country were leaked online.

Thumbnail images of the video clips on the dark web showed scenes of private home life, naked bodies and sex scenes, said IT Chosun, a tech news website that exposed the hacking this month.

Do you have questions about the biggest topics and trends from around the world? Get the answers with SCMP Knowledge, our new platform of curated content with explainers, FAQs, analyses and infographics brought to you by our award-winning team.

Hong Kong cybersecurity expert warns of risks posed by smart home devices

A reporter posing as a buyer contacted the hacker, who said in an encrypted email that it cost 0.1 bitcoin (about US$5,736) to gain video access to an apartment for 24 hours. The hacker reportedly supplied the writer a long list of flats to choose from.

Smart home features installed in Korean apartments first began as intercom systems, but grew to have expanded functions. Many new flats today have smart home devices, including wall pad door locks, lights, heaters, refrigerators, laundry machines and air conditioners that can be controlled by smartphones remotely.

Some systems include surveillance cameras, which the incident shows is vulnerable to invasion of privacy. If a hacker succeeds in breaching the security of one home, they can also access footage of neighbouring apartments connected through the building’s network, IT Chosun said.

In South Korea, 63 per cent of households live in flats.

Many new homes in South Korea come with smart home systems installed. Photo: Shutterstock

© Provided by South China Morning Post
Many new homes in South Korea come with smart home systems installed….


Connected home devices posing more hacking risks for Indian firms

Nearly 86 per cent of Indian enterprises believe that the shift to remote working during the pandemic has resulted in an increased number of IoT (Internet of Things) security incidents via connected devices at home, according to a new report.

Smart home  connected devices such as light bulbs, wearable devices such as heart rate monitors, connected sports equipment, kitchen appliances such as coffee machines, game consoles and even pet technology are among the list of the strangest devices identified in the study.

About 84 per cent organisations in the country have seen an increase in the amount of non-business IoT devices connected to their business network over the past year, according to cyber-security firm Palo Alto Networks.

While 73 per cent respondents believe that IoT security regulations are not keeping pace with the amount of IoT connecting devices, thus putting them at risk, 97 per cent believed that their organisation’s approach to IoT needs improvement.

Connected cameras, connected wearables and connected home devices are some of the non-business devices organisations have found attached to their networks, which could be posing risk to Indian enterprises.

“Remote workers need to be aware of devices at home that may connect to corporate networks via their home router. Enterprises need to better monitor threats and access to networks and create a level of segmentation to safeguard remote employees and the organisationa�s most valuable assets,” said Vicky Ray, principal researcher, Unit 42 at Palo Alto Networks.

Cyber criminals know that one small IoT sensor can provide entry into a corporate network to launch ransomware attacks and more.

According to the global survey of IT decision makers by Palo Alto Networks, 78 per cent of respondents from organisations that have IoT devices connected to their network reported an increase in non-business IoT devices on corporate networks in the last year.

“IoT adoption has become a critical business enabler. It presents new security challenges that can only be met if employees and employers share responsibility for protecting networks,” Ray added.