WTF?! In what could have been another example of the dangers of making every single household appliance internet-connected, the owner of an LG washing machine got a shock this week when the device started reporting the use of 3.6GB of data every day.
Johnie, who describes himself as a FinTech Geek in his X/Twitter bio, posted a message on Elon Musk’s platform this week after noticing the extremely high amount of data his LG washing machine was using each day.
For those looking for an update, data usage has dropped since I posted this and blocked the device on my router.
Sorry if you were using my washing machine for bitcoin mining. But I’d gladly rent our the LPU (Laundry Processing Unit) by the hour. pic.twitter.com/uZzW3TcCt9
— Johnie (@Johnie) January 9, 2024
The image from the Asus router interface page shows the LG washing machine downloaded 100MB of data and uploaded a whopping 3.57GB in a single day. The household appliance accounted for just under 5% of Johnie’s daily internet traffic, which is certainly a lot for a washing machine; the applications usually consume around 1MB of data daily.
Like many companies, LG offers an app – SmartThinQ – for users to control and automate all their compatible household devices. Connecting a washing machine allows features such as being able to download additional wash programs. But there’s obviously something amiss with the amount of data being used in this situation.
There were plenty of theories about why the LG washing machine was being so data-hungry. Many suggested the device could have been taken over in a hack. In 2017, a vulnerability dubbed HomeHack was discovered in LG’s smart home infrastructure that could have allowed attackers to log into LG users’ SmartThinQ home appliances accounts and take remote control of the devices connected to the account. An intruder could, among other things, have spied on home users via the video camera in the Hom-Bot robot vacuum cleaner.
HomeHack was patched soon after being discovered, but the incident showed the potential dangers of giving online connectivity to everything in a household. There were plenty of warnings that Johnie’s machine could have been commandeered for cryptomining purposes, leading to jokes about laundering Bitcoin.
Well, Lg’s ceo would like to know what you are washing https://t.co/GzOgMVDNZK
– Internet of Shit (@internetofshit) January 10, 2024
Johnie blocked the device on his router to stop it from using his data. He posted a follow-up post a day later that appeared to reveal what had been going on: it was likely just a reporting inaccuracy on the part of the Asus router interface tool. A few other users confirmed this sort of bugginess can happen in the software (as this writer knows from personal experience).
As a follow up, it looks like this issue started on 1/4.What’s interesting is that there was traffic with Apple iMessage. I chalk this up to inaccuracy in the ASUS router tool … unless it was sending ð pics of my laundry. pic.twitter.com/8jVKs9PMbQ
— Johnie (@Johnie) January 10, 2024
Even if this was just an error, it’s interesting how few people suggested it could be a mistake on Asus’ part when the first message was posted, illustrating how accustomed we are to seeing IoT devices shipping with terrible security and regularly being taken over.