Peloton Bike Bug Could Give Hackers Access To Video What You Need To Know

Peloton Bike Bug Could Give Hackers Access To Video: What You Need To Know

Contents

The Peloton Bike+ is a powerful and smart piece of equipment — and it can also be hacked fairly easily. Here’s what one security report discovered.

You Are Reading :[thien_display_title]

Peloton Bike Bug Could Give Hackers Access To Video What You Need To Know

Peloton has found itself faced with another fire to put out — this time thanks to claims that its software is easy to hack. While it’s not a security issue that every Peloton user needs to be worried about, it certainly doesn’t help considering all of the other bad PR Peloton has been hit with in 2021.

Back in April of this year, reports from the Consumer Product Safety Commission warned that the Peloton Tread+ wasn’t safe in households with children. The CPSC revealed 39 incidents had been reported of children being dragged underneath the Tread+’s running track — including one where a child was killed. Peloton initially responded to the report in a dismissive manner, saying that the Tread+ was perfectly safe and that these outlier incidents happened due to people not using the machine properly. This (obviously) didn’t sit right with many people, and a little under a month later, Peloton ended up issuing a recall for the Tread and Tread+.

Fast forward to June 2021, and Peloton has another issue to address. Per a new report from cybersecurity firm McAfee, the underlying Android software that powers the Peloton Bike can be hacked in a way that compromises the person using it. After an attacker injects malicious code to the Peloton Bike, they could do a couple of things — such as mimicking a Spotify app that grabs the person’s log-in info or controlling the Bike’s microphone/camera to spy on them.

See also  Emile Hirsch 5 Best & 5 Worst Movies According To IMDb

Why Peloton Users Should (And Shouldn’t) Be Worried About This

While this sounds incredibly concerning on the surface, the silver lining is that it’s mostly limited to the $2,495 model of the Peloton Bike+. For anyone using the regular Bike, this does not apply. Furthermore, a hacker requires physical access to the Bike+ to take control of it as outlined above. Unless a hacker manages to sneak inside someone’s home, has the time to use a USB drive to inject the code, and leave without being caught, there’s not really anything to worry about.

That said, this vulnerability could have legitimate consequences for public spaces that use the Peloton Bike+ — such as a gym or office. As McAfee points out, “an attacker could simply walk up to one of these devices that is installed in a gym or a fitness room and perform the same attack, gaining root access on these devices for later use.” McAfee also warns that the attack could be pulled off at any point during the supply chain process, meaning a rogue employee could infect a Bike+ with the malicious code before it’s shipped to a customer.

McAfee informed Peloton of this vulnerability on March 2, 2021, and “shortly after,” Peloton issued a software update the patched it (specifically, software version PTX14A-290). It’s also noted that Pelton’s team was “receptive and responsive with all communications,” which is a nice change of pace compared to how it handled the recall issue earlier this year.

Link Source : https://screenrant.com/peloton-bike-plus-bug-hacker-microphone-camera-access/

Movies -