Hackers' tactics aimed at smart home IoT

Like many people, before you fall asleep every night, you make sure your doors and windows are locked and take great care to keep your family safe from outside threats. Probably. The only thing you may have overlooked is your smartphone at your bedside. If you collect smartphones that emit radio waves all over your house, you will now have some unlocked doors that criminals can break into. It may be damaged someday, if not tonight.

You may have purchased IoT devices in the last few years and have them installed all over your house before you know it. You may have a voice assistant, baby monitor, thermostat, treadmill, game system, fitness watch, smart TV, refrigerator, and many other fun and useful gadgets. You will be connected to your smartphone every time you buy an IoT device. You now have a growing digital ecosystem around you. And I think you're paying attention to those invisible power grids, but hackers are always aiming for them as well.

This pulsating digital framework in your home provides a potential new gateway for cybercriminals to your life and your data. Depending on your device, accessing your smartphone can literally unlock doors through your home security system while you're on the go, eavesdrop on family conversations through your voice assistant to collect important information, or even play games. You may be able to access your financial information via a machine, tablet, or laptop.

Before launching your smart TV, drone, or sound system, change the factory settings for each product and replace it with a bulletproof password to create a protective layer between you and the hacker.

We are connected people who live in a house where various things are connected. Wired networks are part of our lifeline and the source of what we can do to protect them. One way to do this is at the router level, which has built-in protection *. This will allow you to protect the connected device.

Cyber ​​criminals want consumers to ignore software updates. It makes their job so easy. Be sure to perform a software update on your device, security software, and IoT products when you see the warning.

The most common gateway to all these connected devices is your smartphone. We've done a lot to protect your phone, including lock screens, secure passwords for your accounts, and system updates, but hacking is still inadequate. According to McAfee's recent Mobile Threat Report, the range and complexity of mobile hacks is increasing at an alarming rate, and so is the need to take action.

According to the latest statistics, the average person's mobile phone has 60-90 apps installed. How much would you add up all the apps for your family living in your home? Hackers are aiming from 200 to 500 apps. Hackers focus on digital trends. They go to places where many people gather. Because it's a place where they can make a lot of money. Many people who own a lot of IoT devices control those devices in their homes from their smartphone apps, so app downloads will be above average.

Hidden apps take a way to trick users into downloading them to their phones. Hidden apps (such as TimpDoor) are typically distributed to users via Google Play when they download games or customized tools. TimpDoor communicates directly with the user via a text message with a link to a voice message that gives detailed instructions to enable the app from an unknown source. The link downloads malware that runs in the background after the app exits. While the user forgets to download it and spends it, the malware runs in the background and continues to be able to access other internal networks of the smartphone. It is a threat that hackers exploit the characteristics of connected devices such as always-on mobile phones.

Don't click traps or links to other apps sent by text message.

Download only apps hosted by official trusted stores and verified partner sites.

Do not click on suspicious links, password prompts, or email links, pop-ups, or direct messages that contain fake attachments. Delete and block spam emails and text.

Disable if you are not using the app. And as a safety habit, remove related apps from your cell phone, tablet, or laptop that you no longer use.

Again, hackers aim for a lot of people. These days, Fortnite, which boasts over 60 million downloads, is one of them. The Fortnite pandemic has encouraged hackers to disguise fake Fortnite apps as if they were real, and malicious app developers are making great efforts to make downloads look legitimate. It provides attractive downloads and promises users a large amount of free perks and additional services. When a user downloads a fake app, criminals can raise money through advertising, send text messages with links to more malicious apps, cryptojacking, or install malware or spyware. increase.

Not all gaming companies deliver via Google Play or the App Store. This makes it even more difficult for users to know that the app they are downloading is legal. Do everything you can to verify the legitimacy of the site you are downloading from.

If you download the app and it starts requesting access to what is outside of that service, remove it from your device immediately.

Prevent new bugs and threats by automatically updating your device.

Check your statement regularly to monitor your usage history for cards linked to your Fortnite account. If you notice repeated or multiple transactions from your account, or if you incur unrecognized charges, please contact your financial institution immediately.

Check the legitimacy of the app. It's also a good idea to read other user reviews before you download anything. The same is true for partner sites that sell game hacks, credits, patches, or virtual assets that players use to earn ranks in the game. Beware of "free" downloads and avoid illegal file sharing sites. Free downloads can be a hotbed of malware. Take advantage of paid options from safer, more reliable sources.

* The content of this page is the content of the following McAfee Blog updated on March 23, 2019 (US time). Original: Hidden & Fake Apps: How Hackers Could Be Targeting Your Connected Home Author: Toni Birdsong