(CNN Business) — The Peloton company warns users of a new security threat related to the touch screen of their Bike +, which could be controlled by hackers.In a report released Wednesday, the cybersecurity company McAfee discovered a vulnerability that allows hackers to access Peloton’s bike display and potentially spy on users via its microphone and camera. However, the threat most likely affects only the $ 2,495 bicycle It is used in public spaces, such as hotels or gyms, since the hacker needs to physically access the screen using a USB drive containing malicious code.
According to McAfee’s Advanced Threat Research team, a hacker can discreetly control the display of the exercise bike remotely and interfere with your operating system. This means that hackers could, for example, install apps that look like Netflix or Spotify and steal users’ login information. Most alarmingly, the cybersecurity team was able to spy on users through the camera and microphone, which are normally used for video chats with other users.
“As a result, an unsuspecting user in the gym using the Peloton Bike + could be in danger of having their personal data compromised and their training being watched without their consent,” the report says. It also warned that the hacker could configure this spyware at any time, even during the supply chain or delivery process, without the owner knowing.
Internet-connected devices, be it bicycles, computers, or even refrigerators, are all susceptible to being hacked.
Cyberattacks have increasingly captured the public’s attention, and big-name companies such as McDonald’s, Microsoft and Electronic Arts have publicly disclosed recent security flaws.
Peloton released a mandatory software update that fixes the problem for users earlier this month. The safety risk does not affect the lower priced Peloton Bike because it uses a different type of touch screen.
This is an important reminder for users of all connected devices to turn on automatic software updates to keep them protected against the latest attacks, according to McAfee.
“Stay on top of your device manufacturer’s software updates, especially since they don’t always announce their availability,” said the McAfee researchers. “Check their website regularly to make sure you don’t miss out on news that may affect you.”
This report represents Peloton’s second safety issue in two months. In May, the fitness firm released a security update to fix a leak that revealed personal account information, such as the user’s age, city, and weight. The news of that ruling it was published the same day in which Peloton withdrew his treadmill after a child died and others were injured.
George is Digismak’s reported cum editor with 13 years of experience in Journalism