Awkward: Nest cameras speaker abused to tell victims to subscribe to Youtube channels

Published by

teaser

An attacker has been successful to login to dozens of Nest cameras, mainly due to reused passwords. Once logged in, the attacker used the speakers of the camera to demand from victims to subscribe to Youtuber PewDiePie. The attacker also asked to prove the subscribe by performing it while he watched on the cam.



Against Vice Magazine, the attacker stated he uses usernames and passwords that have been compromised in various leaks, mentions myce:

With this leaked login data the attacker then attempts to login to Nest accounts. This is sometimes possible, because some Nest owners use the same leaked login data for their Nest account, and possibly many other accounts.  Once logged in, the Nest accounts provide live access to the Nest camera of the victim. The attacker claims that with this method he obtained login data for 4,000 Nest accounts. Nest users are advised to reset their password to a unique one, and to use two-factor authentication.

Awkward: Nest cameras speaker abused to tell victims to subscribe to Youtube channels


Share this content
Twitter Facebook Reddit WhatsApp Email Print