Are you concerned that your Wyze camera may get hacked? Are Wyze cameras secure? Is Wyze camera safe? Thousands of users ask these questions every day and we will try to answer those questions in this article.
YES, the Wyze camera CAN be hacked. By hacking means, someone is able to take over your camera and access the live video of the camera. And you may be aware of that or not. Many people don’t even know that their camera is hacked.
Technically speaking, hypothetically any device that is exposed to the internet can be hacked. Some of them are very difficult to get hacked and their manufacturers patch any bugs, others are pretty easy to get hacked.
Either way, there are a few tips or suggestions that you can follow to increase the security of your Wyze camera. By following this guide you’ll be able to increase the overall safety of your security camera and reduce any possible hacking attempts.
Important warning: This article is meant for educational purposes. By understanding the camera’s vulnerabilities, you can reduce the chances of your own camera getting hacked.
Wyze camera and hacking attempts
There’s a rule in the IT world: there’s no device that is 100% safe from hacking attempts, no exception. If any device is connected to the internet, theoretically it’s possible to get it hacked. This doesn’t apply only to security cameras, but to any electronic devices that communicate via the internet.
Wyze cameras are electronic devices that can be hacked if the camera is connected to the internet. However, there are a few things you can do to protect your camera and make it less “hackable”. While certain vulnerabilities can be exploited, they wouldn’t be easy or practical to use en masse. Keep reading for more explanations.
Wyze Cam Security Concerns
The way Wyze cameras work means that all the customer’s accounts information is stored on the Wyze Labs cloud server. What happens if this online database gets hacked? Well, that’s what happened not long ago, the Wyze Labs database was breached and all the users’ information was leaked.
The data that was leaked contained information such as the usernames, the email used to purchase the camera, the connected to their home, users that access the camera; list of all the cameras on the house including the nicknames for each camera, device model and firmware.
Other leaked information included Wifi SSID, subnet layout, the log of the app usage, API tokens for iOS and Android devices, Alexa tokens, and even more private information. The database is still available on the internet and technically anyone with the tech skills can access it.
Wyze took countermeasures by patching the bug and forcing the affected users to change their login information. Almost 2 million accounts were affected. This just shows that nothing is safe on the internet.
How to know that your Wyze camera has been hacked?
It can difficult to know that you’ve been hacked, as this isn’t something that you can see right away. Sometimes the Wyze cam might not perform when it has been hacked, but poor performance could also be due to poor connection or signal.
However, here are a few telltales that indicate that your camera may have been hacked:
- Check for strange noises. Security cameras that have been hacked sometimes make strange noises, or let’s say out of ordinary noises. Sometimes even the hacker’s voice can be heard.
- Check for abnormal rotations. If your Wyze camera is rotating in ways that aren’t normal or when you’re not actually controlling it, it could be because you’ve been hacked and the camera is being remotely controlled by someone else.
- Pay attention to the settings. If your camera settings have been changed without your knowledge, somebody may have access to your camera and played around with it.
- Check the data flow. Sometimes you can identify a hack through unusual network activity. Spikes in network traffic and attempted logins are some hacking telltales.
Obviously, if you are unable to login to your account with your personal login information, someone may have hacked your camera and changed the login password.
How to protect Wyze camera from hacking
About the data leak we talked about above, Wyze Labs decided to log out the accounts and reset the tokens and connect to Google Assistant and Alexa. This countermeasure helped mitigate the effect of the Wyze breach.
However, there are a few actions you can take to protect your camera. Below we’ve listed a few of them.
Change you password
First thing you should do is to change the password and create a strong one using a combination of letters, numbers and special characters. Go to your Wyze app and select the “Account Tab”, then Security and tap on “Change Password”.
Make sure not to recycle old passwords, just create a new one and store it on password managers for your own safety. It’s recommended not to share the same password between your accounts. So, don’t use your Facebook password for your Wyze account.
Enable the two-step verification feature
Wyze offers the two-step verification procedure and you definitely should use it since it has shown to increase the overall security of the system.
Once this feature is enabled and set up, every time you login to your account, the app will send you a verification code that you need to enter on the app to verify that you’re the legit owner.
To enable the two-step verification feature go to the “Account” section and tap on the “Security” tap. Then select the “Two-Step Verification” option and switch it to “Verification by SMS”.
You need to add your phone number and next time you login you’ll get a direct SMS to your phone with the verification code. And this is the best way you can increase the security camera. Even if the hackers know your password, they still can’t login since they don’t have the verification code.
Update the firmware
Wyze Labs continuously releases new firmware for the camera that not just improves the overall security but patches security bugs, fixes glitches and other potential security issues. That’s why it’s important to keep your camera updated.
So, once in a while check the app if there are new updates available. If so, have them installed. Additionally, ensure that the app and the phone themselves are up-to-date.
Use reliable third-party apps
Make sure to use reliable third apps such as Google Assistant or Alexa. Stay away from unverified companies that don’t offer much protection.
Once you’ve set the two-step verification mode, re-connect the camera to the above apps (if you use them) and sync everything all over.
Restrict any possible physical access to the camera
Sometimes the Wyze camera can get hacked by having physical access to it. Imagine an office where the camera is in plain sight, someone may easily reset it, create a new password and gain access to the camera.
In fact, resetting the Wyze camera is quite easy, all you have to do is press the reset button for a few seconds and the camera will go to factory default which erases the password on it. Technically, anyone who has physical access to the camera can reset it.
That’s why it’s important to physically protect the camera. You can install the camera on a spot that is not easily reachable, or you can even buy camera boxes or housing and put the camera inside. Use your imagination, just ensure that no one can touch the camera.
Protect your local network
Even if you followed all the above suggestions, the camera can still be hacked by exploiting the local network vulnerabilities. The camera will be connected to your local switch or router which can be insecure by default.
If hackers have access to your local network, they can try various methods to breach the devices connected to it. Below we’ve listed a few techniques that they use.
Brute Force Attack: In simple words, the hacker will use a password generator to try all possible combinations that break your password. This is the case if you use a simple password such as “password” “myhome” or “123456” or something else that is very generic.
The attack is done via powerful software that can randomly try millions of combinations until they hit the right password. That’s why it’s called “brute attack”. They don’t know your password, but will test any combinations until they’re in.
To protect yourself from this situation, you need to use strong and long passwords. Use a password that is a combination of upper letters, lower letters, special characters, symbols, 10-25 characters. If you use such a password, the password generator may take thousands of years to break the password (which means they’ll give and your camera will be safe).
WiFi Attack: Another way that hackers do things is by connecting to the WiFi router taking average of its weak password or insecure protocol. A good WiFi router deploys strong encryption such as the WPA2 that makes it difficult for a hacker to gain entry.
Additionally, we recommend purchasing a good and reliable router that offers full protection via encryption. You may also need to disable any guest connection features.
Wyze cameras are generally safe, but as any electronic devices exposed to the internet it can get hacked. That’s why it is important to take extra steps and increase the security of your camera.
In this guide we offered a few suggestions on how you can make your camera secure such as using a strong password, updating the camera and locking it in a safe place. Additionally, don’t install the camera in spots that are easily accessible.
If you follow all the instructions shown here, you’ll greatly minimize the chances of having your Wyze camera hacked. If you have any questions, let us know in the comment box.