A recent vulnerability in Apple’s HomeKit framework that lets developers build apps for connected devices may also have enabled hackers to remotely control those devices. Considering that some smart locks and other Internet-connected devices around the house were also HomeKit-enabled, the risk was high that hackers could turn into actual burglars.
While Apple quickly patched the HomeKit vulnerability by issuing a server-side update, few details are known about how the actual exploit works, apart from that it’s “difficult to reproduce.” If an attacker compromised any Internet of Things (IoT) device connected to your home network – regardless of whether it’s a smart lock, a smart refrigerator, or even a toaster – he could potentially infect other network-connected devices.