Man in the middle attack
According to the researchers, a man-in-the-middle (MiTM) vulnerability was found that leaves Samsung smart refrigerators open to an exploit that allows an attacker to steal the owner’s Gmail credentials. Though the fridge implements SSL, it FAILS to validate SSL certificates. This leaves the fridge vulnerable to man-in-the-middle attacks against most connections.
"The internet-connected fridge is designed to display Gmail Calendar information on its display," explained Ken Munro, a security researcher at Pen Test Partners. "It appears to work the same way that any device running a Gmail calendar does. A logged-in user/owner of the calendar makes updates and those changes are then seen on any device that a user can view the calendar on."
Synced Gmail logins are Vulnerable
The Smart Fridge makes connections to Google's servers to download Gmail calendar information for the on-screen display. By intercepting the connection and performing MiTM attack, an attacker in the same network can potentially steal Google login credentials. It is possible because the fridge fails to validate the SSL certificates. Hence, hackers who manage to access the network that the fridge is on, can Man-In-The-Middle the fridge calendar client and steal Google login credentials.
Other ways to exploit Smart fridge.
The researchers also tried to hack smart fridge through a Firmware update and but was unsuccessful.They also made attempts through TCP services and certificate challenges and found the possibility of a certificate that might be present in the mobile app code. This can be a potential breakthrough but it's yet to be confirmed.
According to them "We pulled apart the mobile app and found what we believe is the certificate inside a keystore. We “believe” we did because it is has a name that suggests this. However, it is correctly passworded and we are yet to extract the password that opens the key store. We think we’ve found the password to the certificate in the client side code, but it’s obfuscated and we haven’t got round to reversing it, yet."Source : http://www.pentestpartners.com/blog/hacking-defcon-23s-iot-village-samsung-fridge/
Also Read: Hackers Can Attack Gas Stations and Blow It Up.