Cyberattacks: A Threat to Business in the US 2:26
(CNN Business) -
The Peloton company is warning users of a new security threat related to the touch screen of their Bike +, which could be controlled by hackers. In a report published Wednesday, the cybersecurity company McAfee discovered a vulnerability that allows hackers to access the Peloton bike display and potentially spy on users via its microphone and camera. However, the threat most likely affects only the $ 2,495 bicycle used in public spaces, such as hotels or gyms, as the hacker needs to physically access the screen via a USB drive containing a code. malicious.
According to McAfee's Advanced Threat Research team, a hacker can discreetly control the display of the exercise bike remotely and interfere with your operating system.
This means that hackers could, for example, install apps that look like Netflix or Spotify and steal users' login information.
Most alarmingly, the cybersecurity team was able to spy on users through the camera and microphone, which are normally used for video chats with other users.
Peloton's stationary bike has a commercial price of $ 2,495.
"As a result, an unsuspecting user in the gym using the Peloton Bike + could be in danger of having their personal data compromised and their training being watched without their consent," the report says.
It also warned that the hacker could configure this spyware at any time, even during the supply chain or delivery process, without the owner knowing.
Devices connected to the Internet, be it bicycles, computers or even refrigerators, are all susceptible to being hacked.
Cyberattacks have drawn increasing public attention, and big-name companies like McDonald's, Microsoft, and Electronic Arts have publicly disclosed recent security flaws.
How to act in the event of a cyberattack?
1:26
Peloton released a mandatory software update that fixes the problem for users earlier this month.
The safety risk does not affect the lower priced Peloton Bike because it uses a different type of touch screen.
advertising
This is an important reminder for users of all connected devices to turn on automatic software updates to keep them protected against the latest attacks, according to McAfee.
"Stay on top of your device manufacturer's software updates, especially since they don't always announce their availability," said the McAfee researchers.
"Check their website regularly to make sure you don't miss out on news that may affect you."
This report represents Peloton's second safety issue in two months.
In May, the fitness firm released a security update to fix a leak that revealed personal account information, such as the user's age, city, and weight.
News of that failure broke the same day Peloton recalled his treadmill after a child died and others were injured.
Platoon
