- Smart devices like doorbells and cameras can be infected with malware for cyberattacks
- Malware called residential proxy software creates hidden backdoors in millions of devices
- About 20 million US devices may have secret backdoors allowing hackers to use home internet
If you own a smart doorbell, security camera, tablet, digital photo frame or other internet-connected gadget, it could be doing more than you think.
A report by The Wall Street Journal (WSJ) says millions of everyday devices around the world have been infected with a type of malware that allows hackers to secretly use them for cyberattacks. The malware, known as residential proxy software, can turn a device into a hidden gateway for internet traffic.
This malware creates a hidden "backdoor" that lets outsiders access the device and use the home's internet connection without the owner's knowledge. According to the Digital Citizens Alliance, about 20 million devices in the US may have these hidden backdoors, as reported by WSJ.
Hackers and cybercriminals use these infected devices to carry out illegal activities such as launching cyberattacks, creating fake online accounts, sending spam, or hiding their real location while committing crimes online.
The device owner usually doesn't notice anything unusual because the gadget continues to work normally, even while criminals are secretly using it in the background.
"Millions of those products, especially knockoffs that you buy online, can contain a secret digital backdoor that opens up access to your home internet so that anyone can surf the web as if they were you," according to WSJ.
The report explains that these devices can include digital photo frames, TV streaming boxes, security cameras, tablets and other internet-connected products. Once the device is connected to Wi-Fi, a hidden "backdoor" inside it can automatically link to servers operated by so-called residential proxy companies.
To understand how this works, a man purchased two digital photo frames from Amazon and three TV streaming boxes from Walmart. Within minutes of connecting the devices to the internet, his network saw a sudden surge in traffic.
"Visits to gambling, porn, cryptocurrency and loads of other sketchy websites started pouring in from users around the world," he said.
Last month, police arrested a 23-year-old man from Ottawa, alleging that he had taken control of more than one million compromised devices and used them to launch some of the world's largest cyberattacks.
