Unless you're someone who's specifically worth targeting (e.g. a crypto billionaire), no burglar is going through the effort for this. Moreover, even without smart fridges, you'd have to contend with similar threats from other internet-connected devices (e.g. laptops or routers), which can also infer whether the home is occupied or not.
I'm thinking more about a systemic approach rather than a one-off — in other words, surveying all units to identify potential targets rather than evaluating the risk for a single target. Recently we have seen a rise in criminal organizations who target high-profile targets known to be away (e.g. sports figures and entertainers whose schedules are known), and it seems like such a tool could be of use to such orgs as an additional signal — and to broaden their target base to non-celebrities.
Also, while "smart" Samsung fridges are the topic of this article, the concept generalizes to any internet-connected devices within "smart" homes which exhibit a combination of "hackable" and revealing-of-occupancy. Samsung refrigerators are unlikely to be the most attractive vector when there are, e.g., "smart" light bulbs out there which are vulnerable and never going to be patched because the manufacturer went out of business.
FWIW, I'm not a pen tester or security specialist — just a security-conscious generalist software developer. I see evidence left behind of scanning attacks in web logs, but haven't actually crafted such mass attacks myself.
I think the concern is that hacking an IoT platform would give you names, physical addresses, and household occupancy for all of their customers. Once you cross-reference that with another database, you have a list of the wealthiest households in a given zip code whose owners are on vacation, with live access to cameras inside their homes.
> I think the concern is that hacking an IoT platform would give you names, physical addresses, and household occupancy for all of their customers.
The problem is that even if you can amass such an IoT botnet, you still need people on the ground to conduct such burglaries, and that scales poorly. Even if you tried to operate on a SaaS model, you're going to find that your clients (i.e. drug users who want their next fix) are fickle and very eager to snitch on you to the police, making it very likely that your botnet gets dismantled. On the other hand, running a DDoS or "residential proxy" botnet comes with none of these hassles.