Forgot your password?
typodupeerror
Spam Networking Security Technology

The Spamming Refrigerator 90

Posted by timothy
from the silly-rabbit-spam-is-for-cans dept.
puddingebola writes "The 'Internet of Things' is as susceptible to malware and spam as the rest of the net. From the article, 'A fridge has been discovered sending out spam after a web attack managed to compromise smart gadgets...The spam attack took place between 23 December 2013 and 6 January this year, said Proofpoint in a statement. In total, it said, about 750,000 messages were sent as part of the junk mail campaign. The emails were routed through the compromised gadgets. About 25% of the messages seen by Proofpoint researchers did not pass through laptops, desktops or smartphones, it said.' Read Proofpoint's statement here."
This discussion has been archived. No new comments can be posted.

The Spamming Refrigerator

Comments Filter:
  • by thrill12 (711899) on Saturday January 18, 2014 @10:06AM (#45997897) Journal
    The articles are not backed by any facts, and leave out all technical details. Read this article for more info :Arstechnica [arstechnica.com]
  • Re:So guys... (Score:5, Informative)

    by mikael (484) on Saturday January 18, 2014 @10:08AM (#45997907)

    They were talking about this idea 18 years ago, in the mid 1990's. The idea was that all food packaging would have RFID tags with use-by-dates. The fridge could then send you emails telling you that various items were going to go off soon, or that you were going to run out of something. Then you could drive home from work and go to the nearest supermarket, or send the list would be sent automatically to a delivery company like Peapod, who would then do a delivery.
    It seemed a perfectly good idea for those with Hollywood sized kitchens with a freezer the size of a double bay garage, but for the rest of world who have little R2D2 sized fridges as part of energy efficiency programs, it really wasn't much use.

    Though, it took me by surprise when my neighbors TV set (Philips 8000 series) appeared in awifi scan. Apparently, these sets can do wifi mirroring (Miracast) where the screen output is sent to other media devices, and vice versa.

  • by mikael (484) on Saturday January 18, 2014 @10:11AM (#45997921)

    You would only need the TCP/IP protocol stack to be configured to support source routing. From a typical "tiger" output report

    --FAIL-- [lin016f] The system permits source routing from incoming packets

    Source routing might permit an attacker to send packets through your
    host (if routing is enabled) to other hosts without following your
    network topology setup. It should be enabled only under very special
    circumstances or otherwise an attacker could try to bypass the traffic
    filtering that is done on the network:

  • Re:So guys... (Score:5, Informative)

    by causality (777677) on Saturday January 18, 2014 @11:12AM (#45998283)

    That default password jazz is something I wish manufacturers would get away from, even if a solution is a hard reset and the user selects a password all over again.

    If it makes you feel better, I recently bought a wireless router from a major manufacturer. I plug it in, connect it to my computer, go to http://192.168.1.1/ [192.168.1.1] and fine-tuned all the settings to be just the way I want, particularly those involving setting my own passwords (on the router's administration and on the secure wifi network). Everything nice and neatly set up. That's the first thing I did as soon as I took it out of the box because I try not to be an irresponsible douchebag.

    I run my own local caching DNS server. I don't own a domain. I just use it to resolve hostnames because it's more reliable than my ISP's. Imagine my surprise when I found that my router's UNDOCUMENTED "first-use" behavior was to hijack all DNS traffic. Suddenly google.com resolved as 192.168.1.1 and so did every other domain. With my own DNS server on my statically-configured machine (not proxying DNS through the router like its DHCP settings for attached clients would direct). The router was actually intercepting and hijacking UDP port 53 traffic.

    Apparently they do this so that irresponsible dumb users can't go to any Web site without first accessing the router's configuration page. Nevermind that I had already done the configuration. Nevermind that irresponsible dumb users tend not to have statically (thus, manually) assigned network information. Nevermind that irresponsible dumb users tend to just use their ISP's dns servers by proxying DNS through the router (shows 192.168.1.1 as DNS server) instead of running their own. Nevermind that this was mentioned nowhere in the documentation.

    The default passwords were at least unique if not particularly secure. But this company was definitely proactive against the "turning irresponsible people loose with unchanged default settings" tendency. To the point of hassling someone who, in multiple detectable ways, does not use the device that way.

1: No code table for op: ++post

Working...