Arab Press

بالشعب و للشعب
Tuesday, Aug 26, 2025

More than 83 million smart devices, including baby monitors, at risk from hackers

More than 83 million smart devices, including baby monitors, at risk from hackers

Hackers could listen to and watch live audio and video feeds from smart cameras and baby monitors, due to a vulnerability being disclosed by Mandiant and the US Cybersecurity and Infrastructure Security Agency.
A critical vulnerability affecting more than 83 million smart devices, including smart cameras and baby monitors, could allow hackers to listen to and watch live audio and video feeds, it has emerged.

The flaw "poses a huge risk" to people's security and privacy said security company Mandiant, which is coordinating its disclosure with the US Cybersecurity and Infrastructure Security Agency (CISA).

While default passwords have prompted UK security services to warn consumers about criminal activity, the flaw discovered by Mandiant also affects devices which do not use default passwords.

According to Mandiant, the problem is in an IoT (Internet of Things) software protocol called Kalay, developed by Taiwanese company ThroughTek, which offers a platform to control smart devices from.

Before the coordinated disclosure was made, ThroughTek warned users to update their software to stop hackers accessing "sensitive information in transmission and on victim devices".

A similar vulnerability was discovered in the Kalay protocol by Nozomi Networks earlier this year, although Mandiant says its discovery is more severe, allowing attackers to remotely control affected devices as well as snoop on them.

Because the Kalay protocol is installed by both original equipment manufacturers (OEMs) and resellers before smart devices reach consumers, Mandiant said it couldn't determine a complete list of products affected.

However, the business - which is part of cyber security company FireEye - noted ThroughTek's website "reports more than 83 million active devices on the Kalay platform at the time of writing".

Back in 2014, the UK's data watchdog warned Britons that private webcam feeds were being streamed on a Russian website, using default logins and passwords to access the devices.

The British government plans to introduce a new law which will force OEMs and resellers of smart devices to meet minimum security requirements in the UK.

The government announced the Product Security and Telecommunications Infrastructure Bill during the Queen's Speech earlier this year, although this is not yet law.

Announcing the law earlier this year, digital infrastructure minister Matt Warman said: "We are changing the law to ensure shoppers know how long products are supported with vital security updates before they buy and are making devices harder to break into by banning easily guessable default passwords.

"The reforms, backed by tech associations around the world, will torpedo the efforts of online criminals and boost our mission to build back safer from the pandemic."

A spokesperson for the UK's National Cyber Security Centre (NCSC) said: "We are aware of this vulnerability and ThroughTek has released an update to fix the issue.

"Simply using the platform does not automatically make you vulnerable to real-world impact, as additional information that is hard to guess is needed to exploit the vulnerability in an individual device successfully.

"To maximise protection, the NCSC recommends individuals keep their software up to date by installing the latest vendor updates as soon as practicable."
Newsletter

Related Articles

Arab Press
0:00
0:00
Close
Iran Faces Escalating Water Crisis as Protests Spread
More Than Half a Million Evacuated as Typhoon Kajiki Heads for Vietnam
HSBC Switzerland Ends Relationships with Over 1,000 Clients from Saudi Arabia, Lebanon, Qatar, and Egypt
Sharia Law Made Legally Binding in Austria Despite Warnings Over 'Incompatible' Values
Dogfights in the Skies: Airbus on Track to Overtake Boeing and Claim Aviation Supremacy
Tim Cook Promises an AI Revolution at Apple: "One of the Most Significant Technologies of Our Generation"
Are AI Data Centres the Infrastructure of the Future or the Next Crisis?
Miles Worth Billions: How Airlines Generate Huge Profits
Zelenskyy Returns to White House Flanked by European Allies as Trump Pressures Land-Swap Deal with Putin
Beijing is moving into gold and other assets, diversifying away from the dollar
Trump Backs Putin’s Land-for-Peace Proposal Amid Kyiv’s Rejection
Zelenskyy to Visit Washington after Trump–Putin Summit Yields No Agreement
Iranian Protection Offers Chinese Vehicle Shipments a Cost Advantage over Japanese and Korean Makers
United States Sells Luxury Yacht Amadea, Valued at Approximately $325 Million, in First Sale of a Seized Russian Yacht Since the Invasion of Ukraine
Saudi Arabia accelerates renewables to curb domestic oil use
Cristiano Ronaldo and Georgina Rodríguez announce engagement
Asia-Pacific dominates world’s busiest flight routes, with South Korea’s Jeju–Seoul corridor leading global rankings
Private Welsh island with 19th-century fort listed for sale at over £3 million
Sam Altman challenges Elon Musk with plans for Neuralink rival
Australia to Recognize the State of Palestine at UN Assembly
The Collapse of the Programmer Dream: AI Experts Now the Real High-Earners
Armenia and Azerbaijan to Sign US-Brokered Framework Agreement for Nakhchivan Corridor
British Labour Government Utilizes Counter-Terrorism Tools for Social Media Monitoring Against Legitimate Critics
WhatsApp Deletes 6.8 Million Scam Accounts Amid Rising Global Fraud
Texas Residents Face Water Restrictions While AI Data Centers Consume Millions of Gallons
India Rejects U.S. Tariff Threat, Defends Russian Oil Purchases
United States Establishes Strategic Bitcoin Reserve and Digital Asset Stockpile
Thousands of Private ChatGPT Conversations Accidentally Indexed by Google
China Tightens Mineral Controls, Curtailing Critical Inputs for Western Defence Contractors
JPMorgan and Coinbase Unveil Partnership to Let Chase Cardholders Buy Crypto Directly
British Tourist Dies Following Hair Transplant in Turkey, Police Investigate
WhatsApp Users Targeted in New Scam Involving Account Takeovers
Trump Deploys Nuclear Submarines After Threats from Former Russian President Medvedev
Germany’s Economic Breakdown and the Return of Militarization: From Industrial Collapse to a New Offensive Strategy
Germany Enters Fiscal Crisis as Cabinet Approves €174 Billion in New Debt
IMF Upgrades Global Growth Forecast as Weaker Dollar Supports Outlook
Politics is a good business: Barack Obama’s Reported Net Worth Growth, 1990–2025
UN's Top Court Declares Environmental Protection a Legal Obligation Under International Law
"Crazy Thing": OpenAI's Sam Altman Warns Of AI Voice Fraud Crisis In Banking
Japanese Prime Minister Vows to Stay After Coalition Loses Upper House Majority
President Trump Diagnosed with Chronic Venous Insufficiency After Leg Swelling
Man Dies After Being Pulled Into MRI Machine Due to Metal Chain in New York Clinic
FIFA Pressured to Rethink World Cup Calendar Due to Climate Change
Iranian President Reportedly Injured During Israeli Strike on Secret Facility
Kurdistan Workers Party Takes Symbolic Step Towards Peace in Northern Iraq
BRICS Expands Membership with Indonesia and Ten New Partner Countries
Elon Musk Founds a Party Following a Poll on X: "You Wanted It – You Got It!"
AI Raises Alarms Over Long-Term Job Security
Russia Formally Recognizes Taliban Government in Afghanistan
Saudi Arabia Maintains Ties with Iran Despite Israel Conflict
×