With the advent of computer-aided fitness tracking, weekend warriors are mapping everything from the steps they take on a run to their heart rate and more. But now security experts have revealed that fitness trackers could lead to your computer being compromised.
At a security conference earlier this month, a security researcher from the U.S. firm Fortinet showed how she could hack into a wearers Fitbit fitness tracker in about ten seconds, according to CBS News. The Fitbit’s wireless Bluetooth connection apparently leaves it vulnerable to the hack, which can then infect the user’s computer when the device is connected for downloading.
The Fortinet security staffer Axelle Apvrille showed conference attendees, many of whom were wearing Fitbits, how she could manipulate the equipment’s software and alter data, changing the count of steps taken or distance traveled. Next, she demonstrated that she could upload malware via the Fitbit’s Bluetooth network, which would then corrupt the user’s computer when the user synch’s it to the machine.
While she did not actually infect conference attendees equipment, the “proof of concept” was enough to show that the Fitbit has a small but easily accessed vulnerability to hackers. Apvrille’s demonstration showed that a hacker could simply be in proximity to a user, and within ten seconds complete the upload of malicious software.
Apvrille says she alerted Fitbit about the potential security flaw in March.