Researchers Reveal New Data Exfiltration Attack Using Smart Light Bulbs

Researchers from the University of Texas at San Antonio recently concluded that some smart light bulbs can leak multimedia preferences and may be used to extract data from personal devices.

Using LIFX and Philips Hue bulbs in their study, researchers Anindya Maiti and Murtuza Jadliwala said that attackers can exfiltrate data by observing audio-visualizations. However, the technique will only work with bulbs that support infrared lighting, without needing authorization control from the local network. The attacker also needs to plant a malware that will encode private data from the target device and send it to the smart light bulbs.

Although largely experimental, it is said that the researchers were able to establish that infrared light can be used to steal meaningful information from relatively large distances in their paper called “Light Ears: Information Leakage via Smart Lights“.

 

Source: Bleeping Computer