Nexx Security Components Aren't Safe, Say Security Experts
Table of Contents
- By Steven
- Apr 14, 2023
Nexx is a home security company that specializes in internet-connected security devices such as alarms, garage door openers, cameras, plugs, and more. The company works to make homes safer and to help with home automation goals. Unfortunately, it appears that Nexx products are vulnerable to some major security issues, and it doesn't appear that the company is actively working to fix the issues. If you have Nexx home security components in your house, you should be careful and consider replacing them with more secure products instead.
How Did the Attack Occur?
Thanks to research performed by Sam Sabetan, an independent security researcher, several serious vulnerabilities have been identified in Nexx products. These vulnerabilities leave customer data available to steal and also enable attackers to control garage doors and other system devices throughout the home. No formal cyber attack was launched against Nexx product owners, but it's likely that hackers have been taking advantage of these vulnerabilities for an extended period of time. If you have Nexx devices in your home, you should know that they aren't secure, and it doesn't appear that there is a fix available for this problem at the moment.
What Information Was Viewed or Stolen?
The most serious issue that is caused by this security issue is the loss of security in garage doors in homes throughout the country. If your house is equipped with a Nexx garage door system, attackers can open the garage without your permission. It's also possible to collect user data from the Nexx systems, and attackers have the ability to gather first names, email addresses, and device IDs. This information can be used for phishing attacks and can also be utilized to hack into other Nexx devices on the person's home network.
How Did Nexx Admit to the Breach?
Nexx hasn't issued any sort of statement and hasn't warned its customers about the security vulnerabilities in its devices. If you own Nexx products, it seems that you are on your own, and you cannot trust the equipment to keep your home safe or to keep it running properly. The issue is so major that the U.S. Cybersecurity and Infrastructure Security Agency or CISA has published an alert about the issue to let other people know.
What Will Become of the Stolen Information?
Attackers are likely to use the Nexx security vulnerabilities to get into homes, gather user data, and stop homes from functioning properly. In extreme cases, such as with garage doors, attackers can actually take control of devices and get them to act how they want them to. This is a dangerous issue and a major security risk that should be resolved as soon as possible. Unfortunately, Nexx isn't responding to any of the requests from interested parties.
What Should Affected Parties Do in the Aftermath of the Breach?
If you are currently relying on Nexx devices in your home network, you should take steps to immediately disconnect them from the internet. Also, make sure your Nexx devices are not managing any important data because it could be stolen thanks to the vulnerabilities in the Nexx system devices.