We have recently seen a series of smart pet food dispensers arrive on the crowdfunding platform of Xiaomi. Furrytrail is among those that have achieved the greatest success, so much so as to enter into the sights of a Russian hacker who has violated the security protocols, questioning the vulnerability of the product.
In fact, the discovery was made by chance and the company has already been made aware of the flaw, as told by IT specialist Anna Prosvetova, who managed to hack and gain access to data for most of the Furrytrail automatic feeders Pet Smart Feeder. This gadget dedicated to our friends at 4 paws, is controlled through the companion app which unfortunately does not contain encrypted data, allowing the hacker Anna to see a lot of information about the acquirer as well as remotely manipulating smart distributors, leaving thousands of dogs and cats without food.
A Russian hacker takes control of the Furrytrail smart power supplies
In the video above you can see what the Furrytrail gadget allows and you can also imagine what it would be like to find the Russian hacker in the wrong hands. In fact, the security flaw makes it possible to eliminate food distribution programs or even modify them by letting the small pet bog out. The fact is that the devices subject to potential hacking are almost 11000, which happens through a DDOS botnet that remaps the ESP8266 chipset, allowing to install a fictitious firmware.
Fortunately the hacker Prosvetova has notified the producer of the detected vulnerability and it is expected that soon a patch will be launched via app compaion to solve the problem. If you have one of these gadgets it would be advisable to disconnect them from the Internet, although Anna has stated that she will not make any attacks on power supplies, always better than prevention. If you are familiar with Russian and want to learn more, the hacker has his own Telegram channel where he told the bizarre story.