Sign In

Communications of the ACM

ACM TechNews

McAfee Finds Security Vulnerability in Peloton Products


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Riding a Peloton Bike+.

Software security company McAfee said it founda vulnerability in the Peloton Bike+ that allowed attackers to install malware and potentially spy on riders.

Credit: USAToday

Researchers at software security company McAfee discovered a vulnerability in the Peloton Bike+ that could enable attackers to install malware in the system through a USB port.

The flaw, which the researchers said was associated with the Android attachment accompanying the Bike+, could allow attackers to access its webcam and spy on riders and their surroundings.

It also could allow them to install fake versions of popular apps like Netflix and Spotify, and capture riders' personal information.

McAfee's Steve Povolny said, "The flaw was that Peloton actually failed to validate that the operating system loaded. And ultimately what that means then is they can install malicious software, they can create Trojan horses and give themselves back doors into the bike, and even access the webcam."

Peloton confirmed it was working with McAfee to fix the issue, adding that it recently pushed a mandatory update to affected devices to address the vulnerability.

From NBC News
View Full Article

 

Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account