Jeremiah Fowler, a cybersecurity researcher at vpnMentor, discovered a “unprotected database” on the internet. Fully accessible without any protection, it contained nearly 2.7 billion records, including sensitive data. During his investigation, the researcher realized that the system belongs to Mars Hydro, a Chinese firm specializing in indoor growing equipment, including LED horticultural lights, grow tents, and other accessories to promote plant growth. The company has warehouses in the United Kingdom, the United States, and Australia.
An application at the origin of the exposed data
The database, which weighs a total of 1.17 TB, contained a mountain of information about the smartphones of Mars Hydro customers. Indeed, several of the devices designed by the Chinese brand are connected objects. To interact with them, you have to install a companion application on your smartphone. The app is available on both Android and iOS. It was this application that was first suspected of having transmitted a lot of data to the Chinese company. It is available in Chinese, English, French and German on the official stores.
Through its partner LG-LED SOLUTIONS LIMITED, a Chinese company registered in California, Mars Hydro therefore held a large amount of information on its customers' phones. Among the data exposed, we find the SSID (Wi-Fi network name), Wi-Fi network passwords, IP addresses, device identification numbers, and the version number of the installed application.
However, the brand's application does not collect any user data, noted the vpnMentor researcher. In any case, this is what the Chinese company claims on the Play Store and the App Store. In fact, there is no reason for Mars Hydro to have details about the Wi-Fi network to which its users' smartphones are connected. The researcher believes that it may be the connected devices themselves that are seizing the data.
Read also: Wave of scams on Gmail – FBI warns against AI-boosted phishing
Valuable data for cybercriminals
As Jeremiah Fowler explains in his report, this data can be used in various cyberattacks. The expert cites in particular the risks of finding oneself in the sights of a man-in-the-middle attack. In this attack, a hacker discreetly interposes himself between two communicating parties, such as a website and a user. He intercepts, modifies or steals the data exchanged without the victims noticing. This attack often occurs through compromised Wi-Fi networks.
Theoretically, the data could allow a hacker to take control of the Wi-Fi network, compromising all devices connected to it. It is also possible that the data could be used to conduct large-scale espionage operations. By using the exposed data, a seasoned hacker could do a lot of damage.
Warned by the researcher, Mars Hydro promptly took steps to protect its users. Within hours, “the database was blocked from public access”, the researcher notes. It is unclear how long the database was exposed before Jeremiah Fowler’s intervention. Likewise, it is unclear whether a cybercriminal was able to glean the information listed.
Source: VPNMentor
0 Comments