Security flaws in some doorbell cameras sold by Amazon and other online retailers could allow malicious actors to view footage from the devices, according to an investigation published Thursday by Consumer Reports. It may be possible to have complete control.
Researchers at the Product Review Organization announced that they discovered a critical vulnerability in cameras made by Eken Group, a Chinese company that makes video doorbells under brand names such as EKEN and Tuck, among others.
The devices are sold online by Walmart, Shein, Sears and Tem, which said it removed the Eken doorbell from its platform after Consumer Reports contacted them.
A Walmart spokesperson said the doorbell cameras identified by Consumer Reports are listed on the company’s marketplace by third-party sellers.
A spokesperson said Walmart is removing these items and offering refunds under its return policy.
Amazon, which gave Eken and Tuck doorbells the coveted “Amazon’s Choice” badge, did not immediately respond to a request for comment.
However, the doorbell camera appears to have become available on the site on Thursday.
Sears and Schein also did not immediately respond to requests for comment.
Researchers say doorbell cameras made by Eiken Group can be controlled using an app called Aiwit, which is operated by the company.
They say malicious actors can create an account on the app and pair it with another device to gain access to nearby doorbell cameras.
This allows users to watch videos and access still images, and locks the owner out of the device, Consumer Reports said.
The group’s researchers also found that some doorbell cameras lacked registration codes required by the Federal Communications Commission.
“Major e-commerce platforms like Amazon and Walmart need to better vet sellers and the products sold on their platforms to ensure consumers are not put at risk,” Consumer Reports Technology Policy says. Director Justin Brookman said in a statement. .