I Have the Power: IoT Security Challenges Hidden in Smart Bulbs and Outlets

“You think it’s just a light bulb—but it’s not off. It’s watching, listening… maybe even hacking.”

That quote from LMG Security’s Penetration Testing Team Manager Tom Pohl drew laughter and wide-eyed stares at BSides Des Moines 2025, but the implications were anything but funny. His talk tackled a growing and often overlooked issue: IoT security challenges. From WiFi-controlled outlets to Bluetooth-enabled light bulbs, Tom walked the audience through how insecure devices can quietly turn from tools into threats.

Welcome to the world of IoT, where devices are always connected—and often poorly protected.

When Curiosity Meets IoT Risk: The $20 Smart Outlet

It all began with a Woot.com deal: a 4-pack of Meross smart outlets for just $20. While the brand wasn’t a household name, Tom suspected something was amiss.

“Sure enough, I found an open S3 bucket with customer data in it. Where there’s smoke, there’s fire.”

That early discovery highlights a common IoT security challenge: vendors rushing to market with cloud-connected devices and minimal backend protections. Rather than discard the devices, Tom launched a multi-year journey into the security (or lack thereof) behind these smart gadgets.

Bricking the Outlet: Debug Mode and Firmware Flaws

After accessing the outlet’s local web interface, Tom enabled an undocumented debug feature—only to watch the device become unresponsive and unusable.

“It was just a red LED of death. No factory reset could bring it back.”

Disassembling the outlet revealed a tiny RISC-based chip with no standard debugging ports. Without specialized probes, Tom couldn’t continue. But these tools just arrived, so “To be continued…” But this highlights another IoT security challenge: proprietary or obscure hardware that makes responsible analysis (or even recovery) difficult.

From Smart Bulbs to Evil Tools: Real-World IoT Security Challenges

With the smart outlet shelved, Tom shifted focus to a Vont-brand smart light bulb, based on the widely used ESP32 chip. This device proved far more hackable after a bit of soldering, firmware dumping, and creative tooling.

“There’s nothing more rewarding than rebooting a light bulb and seeing your custom SSID pop up: ‘TinyBitEvilLight.’”

By reprogramming the bulb, Tom transformed it into a weaponized tool capable of:

• Capturing PMKID and wireless handshakes for cracking WiFi passwords.
• Launching deauthentication attacks.
• Creating evil twin networks that mimic legitimate WiFi for credential theft.
• Staying stealthy—even while appearing to be powered off.

These examples illustrate how IoT security challenges can extend beyond traditional IT assets into physical environments. A smart bulb shouldn’t be able to knock users off WiFi—or steal their login credentials—but here we are.

Demo Time: Wireless Hijinks in a Tiny Package

During his live demo, Tom demonstrated the bulb’s ability to:

• Act as a fake access point.
• Disrupt real WiFi networks through denial-of-service.
• “Spy” on phones looking for their known networks using probe sniffing.

“You think it’s off? It’s not. I can run attacks even when the light is dark.”

Key Takeaways: Mitigating IoT Security Challenges in Your Environment

IoT security challenges don’t just affect homes—they’re increasingly common in corporate environments, especially with the rise of BYOD policies and smart office equipment.

Here’s how to proactively protect your organization:

• Segment IoT devices: Always isolate smart devices on a separate VLAN. Many devices are chatty by default and lack proper authentication. Never allow them access to core business networks.
• Regularly audit firmware: Even reputable vendors can ship devices with default credentials, poor encryption, or open debug ports. Audit firmware when possible. Whether through static analysis or reverse engineering, understand what code your devices are running—and what risks are embedded.
• Understand device lifecycles: Tom’s light bulb tried to phone home to a now-defunct Chinese cloud server. When vendors go out of business, many devices become vulnerable and fail, or worse, they become honeypots.
• Enforce physical security: Some attacks (like reprogramming firmware) require physical access, but rogue device swaps can happen quickly and go unnoticed. Control who can access your workspaces and devices.
• Develop an IoT-specific policy: Inventory every connected device. Disable auto-join settings on corporate laptops and phones to reduce the risk of evil twins, and regularly review which devices are still needed and retire anything obsolete or unsupported.
• Test your own environment: Not sure what’s hiding on your network? Run internal penetration testing or red team exercises that include IoT and rogue devices. Our expert team at LMG Security provides penetration testing services and IoT threat assessments that identify gaps in your network and hardware stack.

As IoT security challenges evolve, organizations must evolve their defenses—not just at the firewall, but on the factory floor, in conference rooms, and even in smart lighting systems.

Try It Yourself—Or Just Understand the Risks

Tom’s light bulb experiment was built using open-source code from Hacker’s Nightlight on GitHub, along with tools like PlatformIO and ESPTool. These are widely available and surprisingly beginner-friendly, showing how low the barrier is for turning a cheap IoT device into a threat.

“I’m not going to walk into someone’s house and hack their light bulbs. But could I swap one while visiting? Absolutely.”

Want to explore more examples of real-world hacks? Check out LMG Security’s blog on prompt injection in LLMs or our Cyberside Chats podcast and video series about today’s threats.

Are You Sure Your Devices Are Secure?

Smart devices are everywhere—and so are the threats they pose. From light bulbs to thermostats to printers, IoT security challenges are now everyone’s problem.

At LMG Security, we help organizations identify and eliminate IoT risks through expert assessments, firmware reviews, and internal penetration testing.

Ready to assess your IoT security posture? Contact us for a customized penetration test or policy review.

Because the next “light bulb moment” you have… shouldn’t be triggered by an attacker.