Why does Greek gift mean malicious gift

The Gift Of The Cyber ​​Attack: What You Need To Know Before Giving Away Smart Devices

With the holiday season in full swing, the temptation to buy clever and practical gadgets as gifts for our friends and family is always there. Everyone loves a smart device that does interesting things. However, few people think about the potential safety implications and potential issues before taking a shiny new toy off the virtual shelf.

The researchers on the Tripwire Vulnerability and Exposure Research Team selected a smart item suitable for a Christmas present and put it to the test. The item selected for the security test was an Amazon best-selling item listed in the platform's gift guide - a Wi-Fi microscope.

The microscope has Wi-Fi connectivity capabilities that require a computer or mobile device to store high resolution digital images recorded by the microscope's camera. The type of connection to different devices differs significantly for this particular microscope, the research team pointed out. The mobile app stores for Android and iOS devices have their own app.

PC users will need to download a third-party program that will allow access to the camera via a USB connection or an IP address. The most convenient and generally most secure option was available for Mac computers. Mac users can simply connect the device via USB and use a native macOS application.

There are also issues with the mobile app connectivity option, the team explains. If you connect to your microscope with a phone, the microscope will still act as a Wi-Fi access point that is not password-protected, even if you use the official app provided for it. This means that once connected to the microscope, your phone is exposed to potential attack via the unsecured access point.

Potential bad actors that are within range can also fake the microscope and replace the phone connection with a connection to a new malicious access point.

As an extreme case, the researchers cited the possibility that bad actors could develop a particular exploit for that particular microscope that would allow them to execute arbitrary code on a connected mobile device and effectively give them full access to everything on the phone.