controls the bulb’s color or brightness to trick users into thinking the bulb
has a glitch. The bulb appears as ‘Unreachable’ in the user’s control app, so
they will try to ‘reset’ it.
The only way to
reset the bulb is to delete it from the app, and then instruct the control
bridge to re-discover the bulb.
discovers the compromised bulb, and the user adds it back onto their network.
hacker-controlled bulb with updated firmware then uses the ZigBee protocol
vulnerabilities to trigger a heap-based buffer overflow on the control bridge,
by sending a large amount of data to it. This data also enables the hacker to
install malware on the bridge – which is in turn connected to the target
business or home network.
connects back to the hacker and using a known exploit (such as EternalBlue),
they can infiltrate the target IP network from the bridge to spread ransomware