Amazon recommends video doorbells that can let anyone spy on you, report finds

There are brands of video doorbells that all appear connected by one big flaw, according to a report.

Researchers said they’ve found multiple video doorbells with serious security concerns.Despite the alleged lack of safety, the doorbells are being sold by Amazon, Walmart, and more.At least one doorbell sold by a brand was marked as “Amazon’s Choice” product.

You might want to double-check that your video doorbell isn’t vulnerable to being hacked.

Researchers said they found a string of video doorbells sold by retail giants such as Amazon, Walmart, Temu, Shein, and Sears that hackers can infiltrate and gain access to footage, IP addresses, and WiFi networks, according to a Consumer Reports investigation.

Test engineers at CR identified four companies that appear to sell nearly identical models of doorbell cameras, and those models all showed the same vulnerability to cyberattacks, they said.

Some of the brands named in the report are Eken, Tuck, Rakeblue, and Fishbot, and their doorbells all use the Aiwit app — owned by Eken — to operate.

Despite the alleged security concerns, at least one doorbell from Tuck has the “Amazon’s Choice” recommendation. The model is rated at 4.3 stars and boasts over 300 sales in the past month as of February 29.

The Tuck SHARKPOP doorbell uses Aiwit app, and it’s marked as “Amazon’s Choice”

Justin Brookman, director of technology policy for CR, said it’s up to the e-commerce platforms to make sure harmful products are being sold under their noses.

“There is more they could be doing to vet sellers and respond to complaints. Instead, it seems like they’re coasting on their reputation and saddling unknowing consumers with broken products,” Brookman told CR.

So broken, CR alleges, that anyone can walk up to one of the doorbells they tested, hold the button long enough for it to go into pairing mode, and link the video doorbell to their account on the Aiwit app.

Then, the device could be controlled from their phone if it’s connected to WiFi. What’s more, a hacker could continue having access even if the owner paired their device back to the doorbell by using the device’s serial number (they can find it when pairing with the video doorbell), CR reported.

A spokesperson for Walmart told BI that it has removed the doorbells from its marketplace and is offering refunds through its return policy.

“We expect these items to be safe, reliable and compliant with our standards and all legal requirements,” Walmart’s statement read. “Items that are identified to not meet these standards or requirements will be promptly removed from the website and remain blocked.”

Business Insider reached out to Amazon, Temu, Shein, and Sears, and didn’t immediately receive responses.

Representatives for Temu told The Verge that it would halt sales of the doorbells as it investigates the security concerns.

BI also reached out to Eken for comment on these issues and details about the brand names through which it appears to sell these video doorbells, but got no response.

Amazon has had a history of backlash for some of the items listed on its site for sale. In 2020, the retailer removed listings for merchandise associated with the far-right white nationalist group the Proud Boys.

Read the original article on Business Insider

You May Also Like

More From Author

+ There are no comments

Add yours