Sign In

Communications of the ACM

ACM TechNews

McAfee Finds Security Vulnerability in Peloton Products

View as: Print Mobile App Share:
Riding a Peloton Bike+.

Software security company McAfee said it founda vulnerability in the Peloton Bike+ that allowed attackers to install malware and potentially spy on riders.

Credit: USAToday

Researchers at software security company McAfee discovered a vulnerability in the Peloton Bike+ that could enable attackers to install malware in the system through a USB port.

The flaw, which the researchers said was associated with the Android attachment accompanying the Bike+, could allow attackers to access its webcam and spy on riders and their surroundings.

It also could allow them to install fake versions of popular apps like Netflix and Spotify, and capture riders' personal information.

McAfee's Steve Povolny said, "The flaw was that Peloton actually failed to validate that the operating system loaded. And ultimately what that means then is they can install malicious software, they can create Trojan horses and give themselves back doors into the bike, and even access the webcam."

Peloton confirmed it was working with McAfee to fix the issue, adding that it recently pushed a mandatory update to affected devices to address the vulnerability.

From NBC News
View Full Article


Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA


No entries found