Security flaws found in doorbell cameras sold on Amazon, Walmart
Doorbell cameras sold by major retailers like Amazon, Walmart, Shein, Sears, and Temu have been found to have security flaws, according to a recent investigation by Consumer Reports. Researchers have identified several companies that appear to sell almost similar doorbell camera models, and all of those demonstrate the same vulnerability to cyberattacks. As a result, bad actors could potentially view footage, IP addresses, and Wi-Fi networks, or even take control of the devices.
Vulnerabilities in doorbell cameras
Security flaws have been discovered in devices made by China's Eken Group Ltd, which produces video doorbells under the brand names EKEN and Tuck. The issues stem from their control by company-operated app Aiwit. Researchers found that bad actors could create an account on the app, pair a nearby doorbell camera with another device, and gain access to footage or still images while locking out the owner. Some cameras even lack the registration code required by Federal Communications Commission (FCC).
Retailers address security concerns
Following the investigation, Temu removed Eken-made doorbells from its platform, while Walmart stated that the affected cameras were listed by third-party sellers and have since been removed, with refunds being offered. However, Amazon, which awarded at least one Tuck doorbell its "Amazon's Choice" badge, has not yet responded to requests for comment. This particular model is rated at 4.3 stars. Sears and Shein have also not provided any response.
"Need to do a better job"
Justin Brookman, director of tech policy at Consumer Reports, stated that "major e-commerce platforms like Amazon and Walmart need to do a better job of vetting sellers and products sold on their platforms, so consumers are not put at risk."
