steal router passwords- insecure connected kettles

Connected kettles boil over, spill Wi-Fi passwords over London

A security man has mapped and hacked insecure connected kettles across London, proving they can leak WiFi passwords.

The iKettle is designed to save users precious seconds spent waiting for water to boil by allowing the kitchen staple to be turned on using a smartphone app.

Pen Test Partners bod Ken Munro says hackers can make more than a cuppa, however: armed with some social engineering data, a directional antenna, and some networking gear they can "easily" cause the iKettle to spew WiFi passwords.

"If you haven’t configured the kettle, it’s trivially easy for hackers to find your house and take over your kettle," Munro says. "Attackers will need to setup a malicious network with the same SSID but with a stronger signal that the iKettle connects to before sending a disassociation packet that will cause the device to drop its wireless link.

http://www.theregister.co.uk/2015/10/19/bods_brew_ikettle_20_hack_plot_vulnerable_london_pots/

The Android iKettle app is the biggest security flaw, since it keeps the kettle's password as the default value. But the iOS version of the app sets a six-digit code that can still be broken into.

Wi-Fi kettles aren't the only thing in your kitchen that's going to be connected to the internet.Payments company Visa told Business Insider in March that internet-connected fridges are going to be increasingly popular.

http://uk.businessinsider.com/how-to-hack-into-a-kettle-2015-10?utm_content=bufferbb81b&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer?r=US&IR=T