Security researchers have successfully extracted firmware from a cheap JieLi-based smartwatch by reviving an obscure 2000s attack technique that transmits sensitive data through display pixels.
The novel approach, which builds upon decades-old “blinkenlights” methodology, demonstrates a significant vulnerability in how budget smartwatch manufacturers handle memory access and screen rendering without proper validation checks.
The research began when the team purchased three suspicious €11.99 smartwatches from a local retail store in December 2024, noticing obvious quality red flags typical of fraudulent budget devices.
https://gbhackers.com/smartwatch-firmware/