The company that sold cameras with ‘terrible’ security flaw has a new problem
Image: Eken
The Federal Communications Commission (FCC) is proposing more than $700,000 in fines against Eken, a Hong Kong-based video doorbell manufacturer whose products were found to be susceptible to hackers, for an unrelated rules violation discovered during the commission’s ongoing investigation.
The commission began investigating Eken after Consumer Reports found in February 2024 that its products, which are sold under more than 10 different brand names, had security vulnerabilities that let anyone with a doorbell’s serial number remotely access images from its video feed. The products are sold under brand names including Aiwit, Andoe, Bitepass, CutePanda, Eken, Fishbot, Gemee, Guggre, Luckwolf, Rakeblue and Tuck. Eken said in April that it had since fixed the issues via a firmware update.
The investigation into those vulnerabilities is ongoing, but the commission also found that Eken violated rules requiring foreign companies that hold FCC device certifications to designate a US-based agent responsible for communicating with the commission.
As part of its investigation, the FCC’s enforcement bureau sent a Letter of Inquiry to Eken’s US point of contact, an individual located in Colorado Springs, Colorado — but the address provided on those forms has been inactive since 2019, according to the FCC. The FCC says Eken’s representative didn’t respond to letters sent via other means, including email.
“Providing a false address for the designated agent on three FCC applications constitutes three apparent violations of FCC rules resulting in three proposed penalties of the maximum forfeiture,” the FCC said in a press release Thursday. The FCC is proposing fines adding up to $734,872.
The commission’s investigation into Eken’s equipment is ongoing.
Image: Eken
The Federal Communications Commission (FCC) is proposing more than $700,000 in fines against Eken, a Hong Kong-based video doorbell manufacturer whose products were found to be susceptible to hackers, for an unrelated rules violation discovered during the commission’s ongoing investigation.
The commission began investigating Eken after Consumer Reports found in February 2024 that its products, which are sold under more than 10 different brand names, had security vulnerabilities that let anyone with a doorbell’s serial number remotely access images from its video feed. The products are sold under brand names including Aiwit, Andoe, Bitepass, CutePanda, Eken, Fishbot, Gemee, Guggre, Luckwolf, Rakeblue and Tuck. Eken said in April that it had since fixed the issues via a firmware update.
The investigation into those vulnerabilities is ongoing, but the commission also found that Eken violated rules requiring foreign companies that hold FCC device certifications to designate a US-based agent responsible for communicating with the commission.
As part of its investigation, the FCC’s enforcement bureau sent a Letter of Inquiry to Eken’s US point of contact, an individual located in Colorado Springs, Colorado — but the address provided on those forms has been inactive since 2019, according to the FCC. The FCC says Eken’s representative didn’t respond to letters sent via other means, including email.
“Providing a false address for the designated agent on three FCC applications constitutes three apparent violations of FCC rules resulting in three proposed penalties of the maximum forfeiture,” the FCC said in a press release Thursday. The FCC is proposing fines adding up to $734,872.
The commission’s investigation into Eken’s equipment is ongoing.