Avast security researcher Martin Hron discovered such a vulnerability in his Smarter iKettle coffee pot. With the first and second versions of this machine, the information and firmware updates going to the device through accompanying smartphone app were not encrypted. This allowed Hron to disguise a ransomware program as a firmware update.
As seen in a video posted on YouTube, once the malicious code had been sent to the coffee pot, the device went haywire when Hron tried to make coffee with it. Fortunately for users of later versions of the Smarter iKettle, it appears that the security vulnerabilities that Hron discovered have been fixed. However, who knows what other yet-undiscovered vulnerabilities may reside in our smart coffee machines.
