A researcher has reverse-engineered Bright Data's iOS SDK, revealing it can covertly transform consumer devices like smart TVs into exit nodes for web-scraping traffic, consuming significant user bandwidth and bypassing configured VPNs. The threat involves an SDK embedded in free applications that, when users opt-in via misleading consent screens, relays up to 200 GB of external traffic monthly through the device's residential IP address. This practice, driven by demand for residential IPs to bypass anti-bot measures, highlights critical consent and transparency issues, though the article does not provide specific CVE data or version information for the SDK itself.
IoT Researcher finds Bright Data iOS SDK turns smart TVs into web-scraping nodes June 8, 2026 Share By SC Staff A researcher has reverse-engineered the iOS SDK used by Bright Data, revealing that it can transform consumer devices, including smart TVs, into exit nodes for web-scraping traffic. This data is heavily marketed to the AI industry, raising concerns about user consent and bandwidth usage, with further coverage provided by The Hacker News. Bright Data, formerly Luminati, operates a large residential proxy network, with a portion sourced from an SDK embedded in free applications. This SDK, when installed via an opt-in screen, allows devices to relay web-scraping traffic using the user's home IP address and bandwidth. The research, published by Include Security, highlights a significant consent gap, as the SDK's capabilities, such as allowing up to 200 GB of traffic per month, far exceed the "occasionally" usage described in some app consent screens. The traffic bypasses configured VPNs on iOS and lacks robust authentication. This practice, an evolution of Hola VPN's past model of selling user bandwidth, is now driven by the AI industry's demand for residential IPs to circumvent anti-bot defenses. While Bright Data claims its nodes are consent-sourced, the effectiveness of this consent remains a key question, especially as malicious botnets also exploit consumer devices for similar purposes. Source: The Hacker News SC Staff Related IoT Dragos acquires Phosphorus to enhance industrial cybersecurity SC Staff June 1, 2026 The acquisition aims to integrate Phosphorus' platform, which identifies connected devices, assesses exposures, and automates remediation, into Dragos' offerings. IoT Thousands of Yarbo robotic lawnmowers exposed with identical default passwords SC Staff May 18, 2026 Security researcher Andreas Makris discovered that Yarbo robotic lawnmowers, which operate in over 30 countries and are equipped with cameras, GPS, and AI mapping, used the same default passwords. Vulnerability Management Remote building compromise likely with EnOcean SmartServer bugs SC Staff May 1, 2026 SecurityWeek reports that vulnerable internet-exposed EnOcean SmartServer IoT platform instances impacted by the security bypass flaw, tracked as CVE-2026-22885, and the remote code execution issue, tracked as CVE-2026-20761, could be targeted to remotely compromise smart buildings, data centers, and factories. Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe You can skip this ad in 5 seconds