Security Flaws Exposed: Popular Video Doorbells Vulnerable to Hacking

Critical Vulnerabilities Found in EKEN and Tuck Doorbell Cameras

Recent research by Consumer Reports has uncovered alarming security flaws in internet-connected doorbell cameras manufactured by EKEN, a Shenzhen-based company. These vulnerabilities affect devices sold under brands like EKEN, Tuck, and others, exposing users to potential hijacking and privacy breaches.

How Hackers Can Take Control

The most severe vulnerability allows attackers to gain full control of the doorbell camera with minimal effort:

  • Physical Access Required: An attacker must be within close proximity to the device.
  • Simple Exploit: By holding the doorbell button for 8 seconds, the device enters pairing mode.
  • App-Based Hijacking: Using the Aiwit app (with over 1M downloads on Google Play), the attacker can:
    • Create a new account
    • Scan a QR code displayed by the app via the doorbell camera
    • Transfer device ownership to their account

While owners receive an email notification about the ownership change, the damage may already be done by then.

Additional Security and Privacy Concerns

Consumer Reports identified three other critical issues:

  1. IP Address Exposure: Doorbells broadcast owners’ IP addresses publicly
  2. Unsecured Image Transmission: Still images can be intercepted without authentication
  3. Wi-Fi Network Leakage: The local Wi-Fi network name is transmitted unencrypted

Marketplace Response: A Mixed Picture

After being alerted by Consumer Reports:

  • Walmart and Temu removed affected products
  • Amazon, Sears, and Shein continue selling vulnerable models

Temu’s spokesperson stated they took “swift action” to remove all related products after receiving security vulnerability details.

The Bigger Picture: Smart Device Security Risks

This incident highlights two critical consumer protection gaps:

  1. Lack of Security Transparency: Buyers have no way to verify smart devices’ security measures
  2. Marketplace Accountability: Online retailers often fail to properly vet products until flaws are exposed

What Consumers Should Do

  • Research before buying: Look for security certifications and independent reviews
  • Monitor device activity: Watch for unexpected ownership change notifications
  • Consider reputable brands: Prioritize manufacturers with strong security track records

For more on connected device risks, see our coverage of malware-laden Android TV boxes.

Note: EKEN did not respond to requests for comment from either Consumer Reports or TechCrunch.

📚 Featured Products & Recommendations

Discover our carefully selected products that complement this article’s topics:

🛍️ Featured Product 1: A&I Genuine Part 161340AV SPINDLE LH/RH

A&I Genuine Part 161340AV SPINDLE LH/RH Image: Premium product showcase

High-quality a&i genuine part 161340av spindle lh/rh offering outstanding features and dependable results for various applications.

Key Features:

  • Premium materials and construction
  • User-friendly design and operation
  • Reliable performance in various conditions
  • Comprehensive quality assurance

🔗 View Product Details & Purchase

💡 Need Help Choosing? Contact our expert team for personalized product recommendations!

Remaining 0% to read
All articles, information, and images displayed on this site are uploaded by registered users (some news/media content is reprinted from network cooperation media) and are for reference only. The intellectual property rights of any content uploaded or published by users through this site belong to the users or the original copyright owners. If we have infringed your copyright, please contact us and we will rectify it within three working days.