iKettle Connected Brew Maker Pours Out Unprotected Wi-Fi Passwords, Too

By Aatif Sulleyman on at

An internet-connected kettle is a gadget that nobody actually needs, yet the iKettle appears to be all the rage right now. People are lazy, with more money than sense, and they could soon be punished for their shotcomings.

A security expert at Pen Test Partners has figured out how to hack into people’s iKettles, forcing them to give up precious Wi-Fi passwords. Ken Munro, who managed to weedle his way into the hi-tech kettles' systems by using networking gear, a directional antenna and social engineering data, has even created a map of unprotected iKettles in London.

"If you haven’t configured the kettle, it’s trivially easy for hackers to find your house and take over your kettle," he said. "I can sit outside of your place with a directional antenna, point it at your house, knock your kettle of your access point, it connects to me, I send two commands and it discloses your wireless key in plain text."

Android-loving iKettlers are apparently the easiest targets, though it's not a lot harder to force your way into the systems of iOS-connected iKettles. Enjoy your brew. [Register]