It has been discovered that a refrigerator was used to send out spam messages along with over 100,000 more devices, according to cloud security provider Proofpoint.
The web attack, which was part of a global attack campaign, also compromised computers, personal computers, routers and smart TVs, according to the firm. The breach is said to be the first that takes advantage of the poor security on those devices.
The spam initiative took place from 23 December to 6 January and around 750,000 messages were routed via the compromised devices and sent as part of the fraudulent e-mail campaign.
Around a quarter of those messages were not sent out through desktops, laptops or smartphones, as the malicious software managed to install itself on other devices including home media systems, kitchen appliances and Internet-connected TVs. Many of those devices are fitted with computer processors which act like a server and are capable of handling communication and other functions.
The compromised smart devices were found after Proofpoint conducted an investigation into the addresses related to the campaign, David Knight, general manager at Proofpoint, told the BBC.
The malicious software allowed spam to be sent from the smart gadgets and was able to install itself because many of those devices were protected poorly and default passwords were not changed, leaving them exposed to attacks, Knight explains. Such attacks could become more common because many homes and furnishings are becoming smarter. Many of these gadgets are not adequately configured and secured and people have no way to identify or fix security issues when they occur, he added.