{"id":94932,"date":"2019-04-18T13:14:20","date_gmt":"2019-04-18T20:14:20","guid":{"rendered":"https:\/\/securingtomorrow.mcafee.com\/?p=94932"},"modified":"2025-06-02T01:30:50","modified_gmt":"2025-06-02T08:30:50","slug":"iot-zero-days-is-belkin-wemo-smart-plug-the-next-malware-target","status":"publish","type":"post","link":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/iot-zero-days-is-belkin-wemo-smart-plug-the-next-malware-target\/","title":{"rendered":"IoT Zero-Days \u2013 Is Belkin WeMo Smart Plug the Next Malware Target?"},"content":{"rendered":"<p>Effective malware is typically developed with intention, targeting specific victims using either known or unknown vulnerabilities to achieve its primary functions. In this blog, we will explore a vulnerability submitted by McAfee Advanced Threat Research (ATR) and investigate a piece of malware that recently incorporated similar vulnerabilities. The takeaway from this blog is the increasing movement towards IoT-specific malware and the likelihood of this unique vulnerability being incorporated into future malware.<\/p>\n<p>We are rapidly approaching the one-year mark for the date McAfee ATR disclosed to Belkin (a consumer electronics company) a critical, remote code execution <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2018-6692\" target=\"_blank\" rel=\"noopener noreferrer\">vulnerability<\/a> in the Belkin WeMo Insight smart plug.\u00a0 The date was May 21<sup>st<\/sup>, 2018, and the disclosure included extensive details on the vulnerability (a buffer overflow), proof-of-concept, exploit code and even a video demo showing the impact, dropping into a root shell opened on the target device. 
We further <a href=\"https:\/\/securingtomorrow.mcafee.com\/other-blogs\/mcafee-labs\/insight-into-home-automation-reveals-vulnerability-in-simple-iot-product\/\" target=\"_blank\" rel=\"noopener noreferrer\">blogged<\/a> about how this device, once compromised, can be used to pivot to other devices inside the network, including smart TVs, surveillance cameras, and even fully patched non-IoT devices such as PCs. Initially, the vendor assured us they had a patch ready to go and would be rolling it out prior to our planned public disclosure. In January of 2019, Belkin patched a vulnerability in the Mr. Coffee Coffee Maker w\/ WeMo, which McAfee ATR reported to Belkin on November 16<sup>th<\/sup>, 2018, and released publicly at Mobile World Congress in late February. We commend Belkin for an effective patch within the disclosure window, though we were somewhat surprised that this was the prioritized patch given the Mr. Coffee product with WeMo no longer appears to be produced or sold.<\/p>\n<p>The Insight smart plug firmware update never materialized and, after attempts to try to communicate further, three months later, in accordance with our vulnerability disclosure policy, McAfee ATR <a href=\"https:\/\/securingtomorrow.mcafee.com\/other-blogs\/mcafee-labs\/insight-into-home-automation-reveals-vulnerability-in-simple-iot-product\/\" target=\"_blank\" rel=\"noopener noreferrer\">disclosed the issue publicly<\/a> on August 21<sup>st<\/sup>. 
Our hope is that vulnerability disclosures will encourage vendors to patch vulnerabilities, educate the security community on a vulnerable product to drive development of defenses and, ultimately, encourage developers to recognize the impact that insecure code development can have.<\/p>\n<p>Fast forward nearly a year and, to the best of our knowledge, this vulnerability, classified as CVE-2018-6692, is <strong>still a zero-day vulnerability.<\/strong>\u00a0 As of April 10<sup>th<\/sup>, 2019, we have heard of plans for a patch towards the end of the month and are standing by to confirm. We intentionally did not release exploit code to the public, as we believe it tips the balance in favor of cyber criminals, but exploitation of this vulnerability, while challenging in some regards, is certainly straightforward for a determined attacker.<\/p>\n<h2><strong>IoT-Specific Malware<\/strong><\/h2>\n<p>Let\u2019s focus now on why this vulnerability is enticing for malicious actors.\u00a0 Recently, Trend Micro released a <a href=\"https:\/\/www.zdnet.com\/article\/bashlite-iot-malware-upgrade-lets-it-target-wemo-home-automation-devices\/\" target=\"_blank\" rel=\"noopener noreferrer\">blog<\/a> observing occasional in-the-wild detections of malware known as Bashlite. This specific malware was recently updated to include IoT devices in its arsenal, specifically using a Metasploit module for a known vulnerability in the WeMo UPnP protocol. 
The vulnerability appears to be tied to a 2015 bug, which was patched by Belkin, and was used to fingerprint and exploit WeMo devices using the \u201cSetSmartDevInfo\u201d action and corresponding \u201cSmartDevURL\u201d argument.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-94933\" src=\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2019\/04\/SmartDevURL.png\" alt=\"\" width=\"668\" height=\"376\" srcset=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/SmartDevURL.png 668w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/SmartDevURL-300x169.png 300w\" sizes=\"auto, (max-width: 668px) 100vw, 668px\" \/><\/p>\n<p>We can say for certain that this Metasploit module is not targeting the same vulnerability submitted by McAfee ATR, which resides in the &lt;EnergyPerUnitCostVersion&gt; XML field, within the libUPnPHndlr.so library.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-94934\" src=\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2019\/04\/libUPnPHndlr.png\" alt=\"\" width=\"829\" height=\"294\" srcset=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/libUPnPHndlr.png 829w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/libUPnPHndlr-300x106.png 300w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/libUPnPHndlr-768x272.png 768w\" sizes=\"auto, (max-width: 829px) 100vw, 829px\" \/><\/p>\n<h2><strong>Analysis of Bashlite and IoT Device Targets<\/strong><\/h2>\n<p>After briefly analyzing a few samples of the malware (file hashes from the aforementioned blog), the malware appears to check for default credentials and known vulnerabilities in multiple IoT devices. 
For example, I came across a tweet after finding reference to a password in the binary of \u201coelinux123\u201d.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-94935\" src=\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2019\/04\/oelinux123.png\" alt=\"\" width=\"507\" height=\"734\" srcset=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/oelinux123.png 507w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/oelinux123-207x300.png 207w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/oelinux123-345x500.png 345w\" sizes=\"auto, (max-width: 507px) 100vw, 507px\" \/><\/p>\n<p>This IoT device is an <a href=\"http:\/\/www.mobile2wifi.co.uk\/index.php?main_page=products_all&amp;disp_order=1&amp;page=4\">Alcatel Mobile Wifi<\/a>, which has a number of known\/default passwords. Notice the top username\/password combination of \u201croot:oelinux123.\u201d When we analyze the actual malware, we can observe the steps used to enumerate and scan for vulnerable devices.<\/p>\n<p>Here is a reference from the popular binary disassembly tool IDA Pro showing the password \u201cOELINUX123\u201d used to access a mobile WiFi device.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-94936\" src=\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2019\/04\/IDAPro.png\" alt=\"\" width=\"537\" height=\"235\" srcset=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/IDAPro.png 537w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/IDAPro-300x131.png 300w\" sizes=\"auto, (max-width: 537px) 100vw, 537px\" \/><\/p>\n<p>The next image is a large \u201cjump table\u201d used to scan through and identify a range of devices or targets using known passwords or vulnerabilities.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-94938\" 
src=\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2019\/04\/jump-table-1.png\" alt=\"\" width=\"565\" height=\"231\" srcset=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/jump-table-1.png 318w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/jump-table-1-300x123.png 300w\" sizes=\"auto, (max-width: 565px) 100vw, 565px\" \/><\/p>\n<p>Next is some output from the \u201cEchobot\u201d scanner employed by the malware used to report possible vulnerabilities in target devices from the above jump table.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-94940\" src=\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2019\/04\/jump-table.jpg\" alt=\"\" width=\"626\" height=\"466\" srcset=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/jump-table.jpg 626w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/jump-table-300x223.jpg 300w\" sizes=\"auto, (max-width: 626px) 100vw, 626px\" \/><\/p>\n<p>The final screenshot shows a list of some of the hardcoded credentials used by the malware.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-94941\" src=\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2019\/04\/router.png\" alt=\"\" width=\"485\" height=\"212\" srcset=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/router.png 412w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/router-300x131.png 300w\" sizes=\"auto, (max-width: 485px) 100vw, 485px\" \/><\/p>\n<p>The \u201chuigu309\u201d password appears to be <a href=\"https:\/\/www.websec.ca\/publication\/Blog\/backdoors-in-Zhone-GPON-2520-and-Alcatel-Lucent-I240Q\">associated<\/a> with Zhone and Alcatel Lucent routers. 
Both routers have had several known vulnerabilities, backdoors and hardcoded passwords built into the firmware.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-94942\" src=\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/2019\/04\/passwords.jpg\" alt=\"\" width=\"619\" height=\"260\" srcset=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/passwords.jpg 619w, https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/passwords-300x126.jpg 300w\" sizes=\"auto, (max-width: 619px) 100vw, 619px\" \/><\/p>\n<p>There is no need to continue the analysis further as the point of this is not to analyze the Bashlite malware in depth, but I did think it was worth expanding on some of the capabilities briefly, to show this malware is programmed to target multiple IoT devices.<\/p>\n<p>Now to the point! The simple fact that generic WeMo Metasploit modules were added to this malware indicates that Belkin WeMo makes an interesting enough target that an unpatched vulnerability would be compelling to add to the malware\u2019s capabilities. Hence, we believe it is possible, perhaps even likely, that malware authors have already incorporated, or are currently working on incorporating, the unpatched WeMo Insight vulnerability into IoT malware. We will be closely following threats related to this zero-day and will update or add to this blog if malware embedding this vulnerability surfaces. If the vendor does produce an effective patch, it will be a step in the right direction to reduce the overall threat and likelihood of weaponizing the vulnerability in malware.<\/p>\n<h2><strong>How to Protect Your Devices<\/strong><\/h2>\n<p>As this vulnerability requires network access to exploit the device, we highly recommend that users of IoT devices such as the WeMo Insight implement strong Wi-Fi passwords, and further isolate IoT devices from critical devices using VLANs or network segmentation. 
<a href=\"https:\/\/securehomeplatform.mcafee.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">McAfee Secure Home Platform<\/a> users can enable whitelisting or blacklisting features for protection from malicious botnets attempting to exploit this vulnerability.<\/p>\n<h2><strong>Call to Action for Vendors, Consumers and Enterprise<\/strong><\/h2>\n<p>It should be plain to see there is some low-hanging fruit in the industry of securing IoT devices. While some of the obvious simple issues such as hardcoded credentials are inexplicable, we understand that true software vulnerabilities cannot always be avoided. However, we issue a call to action for IoT vendors: these issues must be fixed, and quickly too. Threat actors are constantly tracking flaws which they can weaponize, and we see a prime example of this in the Bashlite malware, updated for IoT devices including Belkin WeMo. By listening to consumers\u2019 asks for security, partnering with researchers closely to identify flaws, and having a fast and flexible response model, vendors have a unique opportunity to close the holes in the products the world is increasingly relying on. 
Consumers can take away the importance of basic security hygiene; applying security updates when available, practicing complex password policy for home networks and devices, and isolating critical devices or networks from IoT.\u00a0 Enterprise readers should be aware that just because this is an IoT consumer device typically, does not mean corporate assets cannot be compromised.\u00a0 Once a home network has been infiltrated, all devices on that same network should be considered at risk, including corporate laptops.\u00a0 This is a common method for cyber criminals to cross the boundary between home and enterprise.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Effective malware is typically developed with intention, targeting specific victims using either known or unknown vulnerabilities to achieve its primary&#8230;<\/p>\n","protected":false},"author":1004,"featured_media":93315,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[442],"tags":[],"coauthors":[5354],"class_list":["post-94932","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-mcafee-labs"],"acf":[],"yoast_head_json":{"title":"IoT Zero-Days \u2013 Is Belkin WeMo Smart Plug the Next Malware Target? | McAfee Blog","description":"Effective malware is typically developed with intention, targeting specific victims using either known or unknown vulnerabilities to achieve its primary","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"IoT Zero-Days \u2013 Is Belkin WeMo Smart Plug the Next Malware Target? 
| McAfee Blog","og_description":"Effective malware is typically developed with intention, targeting specific victims using either known or unknown vulnerabilities to achieve its primary","og_url":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/iot-zero-days-is-belkin-wemo-smart-plug-the-next-malware-target\/","og_site_name":"McAfee Blog","article_publisher":"https:\/\/www.facebook.com\/McAfee\/","article_published_time":"2019-04-18T20:14:20+00:00","article_modified_time":"2025-06-02T08:30:50+00:00","og_image":[{"width":2048,"height":1365,"url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2018\/12\/web-page-generic-javascript-code-on-computer-monitor.jpg","type":"image\/jpeg"}],"author":"Steve Povolny","twitter_card":"summary_large_image","twitter_creator":"@spovolny","twitter_site":"@McAfee","twitter_misc":{"Written by":"Steve Povolny","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/iot-zero-days-is-belkin-wemo-smart-plug-the-next-malware-target\/#article","isPartOf":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/iot-zero-days-is-belkin-wemo-smart-plug-the-next-malware-target\/"},"author":{"name":"Steve Povolny","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/210ec6c1c7e372f17c4b1109f06b8267"},"headline":"IoT Zero-Days \u2013 Is Belkin WeMo Smart Plug the Next Malware 
Target?","datePublished":"2019-04-18T20:14:20+00:00","dateModified":"2025-06-02T08:30:50+00:00","mainEntityOfPage":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/iot-zero-days-is-belkin-wemo-smart-plug-the-next-malware-target\/"},"wordCount":1241,"publisher":{"@id":"https:\/\/www.mcafee.com\/blogs\/#organization"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/iot-zero-days-is-belkin-wemo-smart-plug-the-next-malware-target\/#primaryimage"},"thumbnailUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2018\/12\/web-page-generic-javascript-code-on-computer-monitor.jpg","articleSection":["McAfee Labs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/iot-zero-days-is-belkin-wemo-smart-plug-the-next-malware-target\/","url":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/iot-zero-days-is-belkin-wemo-smart-plug-the-next-malware-target\/","name":"IoT Zero-Days \u2013 Is Belkin WeMo Smart Plug the Next Malware Target? 
| McAfee Blog","isPartOf":{"@id":"https:\/\/www.mcafee.com\/blogs\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/iot-zero-days-is-belkin-wemo-smart-plug-the-next-malware-target\/#primaryimage"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/iot-zero-days-is-belkin-wemo-smart-plug-the-next-malware-target\/#primaryimage"},"thumbnailUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2018\/12\/web-page-generic-javascript-code-on-computer-monitor.jpg","datePublished":"2019-04-18T20:14:20+00:00","dateModified":"2025-06-02T08:30:50+00:00","description":"Effective malware is typically developed with intention, targeting specific victims using either known or unknown vulnerabilities to achieve its primary","breadcrumb":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/iot-zero-days-is-belkin-wemo-smart-plug-the-next-malware-target\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/iot-zero-days-is-belkin-wemo-smart-plug-the-next-malware-target\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/iot-zero-days-is-belkin-wemo-smart-plug-the-next-malware-target\/#primaryimage","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2018\/12\/web-page-generic-javascript-code-on-computer-monitor.jpg","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2018\/12\/web-page-generic-javascript-code-on-computer-monitor.jpg","width":2048,"height":1365},{"@type":"BreadcrumbList","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/iot-zero-days-is-belkin-wemo-smart-plug-the-next-malware-target\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https:\/\/www.mcafee.com\/blogs\/"},{"@type":"ListItem","position":2,"name":"Other 
Blogs","item":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/"},{"@type":"ListItem","position":3,"name":"McAfee Labs","item":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/"},{"@type":"ListItem","position":4,"name":"IoT Zero-Days \u2013 Is Belkin WeMo Smart Plug the Next Malware Target?"}]},{"@type":"WebSite","@id":"https:\/\/www.mcafee.com\/blogs\/#website","url":"https:\/\/www.mcafee.com\/blogs\/","name":"McAfee Blog","description":"Internet Security News","publisher":{"@id":"https:\/\/www.mcafee.com\/blogs\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.mcafee.com\/blogs\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.mcafee.com\/blogs\/#organization","name":"McAfee","url":"https:\/\/www.mcafee.com\/blogs\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png","width":1286,"height":336,"caption":"McAfee"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/McAfee\/","https:\/\/x.com\/McAfee","https:\/\/www.linkedin.com\/company\/mcafee\/","https:\/\/www.youtube.com\/McAfee"]},{"@type":"Person","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/210ec6c1c7e372f17c4b1109f06b8267","name":"Steve 
Povolny","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/image\/d83e09f6a46193cbf6406c6f30ba3fde","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/steve_p_mcafee-96x96.png","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2019\/04\/steve_p_mcafee-96x96.png","caption":"Steve Povolny"},"description":"Steve Povolny is the Head of Advanced Threat Research for McAfee Enterprise, which delivers groundbreaking vulnerability research spanning nearly every industry. With more than a decade of experience in network security, Steve is a recognized authority on hardware and software vulnerabilities, and regularly collaborates with influencers in academia, government, law enforcement, consumers and enterprise businesses of all sizes. Steve is a sought after public speaker and media commentator who often blogs on key topics. He brings his passion for threat research and a unique vision to harness the power of collaboration between the research community and product vendors, through responsible disclosure, for the benefit of 
all.","sameAs":["https:\/\/www.linkedin.com\/in\/steve-povolny-595a776\/","https:\/\/x.com\/spovolny"],"url":"https:\/\/www.mcafee.com\/blogs\/author\/steve-povolny\/"}]}},"_links":{"self":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/94932","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/users\/1004"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/comments?post=94932"}],"version-history":[{"count":2,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/94932\/revisions"}],"predecessor-version":[{"id":214824,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/94932\/revisions\/214824"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/media\/93315"}],"wp:attachment":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/media?parent=94932"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/categories?post=94932"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/tags?post=94932"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/coauthors?post=94932"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}