Hackers have used a refrigerator to send spam emails in the first proven cyber attack of its kind.

Internet-connected home appliances were infected by a large "botnet" over a two-week period from December 23, according to California security firm Proofpoint.

It said hackers managed to penetrate home-networking routers, connected multimedia centers, televisions and at least one refrigerator to create a platform to deliver malicious spam or phishing emails. The firm said the case "has significant security implications for device owners and enterprise targets" because of massive growth expected in the use of smart and connected devices, from clothing to appliances.

It said these appliances may become attractive targets for hackers because they often have less security than PCs or tablets.

Incidents were documented between December 23 and January 6 featuring "waves of malicious email, typically sent in bursts of 100,000, three times per day, targeting enterprises and individuals worldwide." More than a quarter of the emails were sent by things that were not conventional laptops, desktop computers or mobile devices.

"Botnets are already a major security concern -- and the emergence of thingbots may make the situation much worse," Proofpoint's David Knight said.

"Many of these devices are poorly protected at best and consumers have virtually no way to detect or fix infections when they do occur. Enterprises may find distributed attacks increasing as more and more of these devices come online and attackers find additional ways to exploit them."