Home >> News >> Hello Barbie is Just Ripe for Hackers

Hello Barbie is Just Ripe for Hackers


Hello Barbie is Just Ripe for Hackers
Look into my eyes and tell me your Steam password little child.

No, I’m not talking about daddy issues. We all know that already. We’re talking about security problems, and how Hello Barbie is just ripe for hackers.

Bluebox, a huge security firm, released on Friday new information regarding the state of Mattel’s Hello Barbie, which is a $75 doll with internet super powers.

<

Researchers at Bluebox have found it to be vulnerable to attacks from hackers. Basically, strangers can tap into your child’s conversation with the Barbie. The doll connects to the internet via a cloud server.

Hello Barbie might receive a huge bag of charcoal this Christmas, and Mattel a hefty law suite if they don’t patch up things immediately. Given that last week, a different researcher that goes by the name Matt Jakubowski found a flaw, which allows hackers to discover the exact location of the home address of the doll owner, I don’t think Hello Barbie will have a long life.

However, Mattel’s doll isn’t the only one with security problems. In November, hackers have stolen crucial information from the Learning Lodge app store, which is designed for VTech toys. More than 6.4 million accounts linked to children are now most likely available to purchase for the highest bidder.

As a parent, it’s hard to sleep at night knowing that your child’s info is bought and sold in black markets.

Hello Barbie was released last month with the aim to be ready for this X-Mas holiday. With these issues brought to light, consumers will most likely look for some other toy that isn’t internet-enabled – regardless if Mattel patches the issues or not.

Both companies, Mattel and ToyTalk – with the latter responsible of the software the doll uses; are rushing to fix these security vulnerabilities.

How does the Hello Barbie work?

It’s an amazing toy, to be frank. At least, at first. Your child talks with the toy, and the doll’s necklace lights up to notify that she is indeed listening. Afterwards, she replies.  Deep inside her, however, it’s not that magical. The doll uses wireless communication and it seeks help from a companion app and ToyTalk’s home-grown service. All over the internet.

Jakubowski hacked his Hello Barbie doll and found out that the toy can become a gateway to other Hello Barbies that are connected to the Internet. He could send signals to them, and it was incredibly easy to do so. Bluebox unveiled that hackers can take the voice recordings of a child and reconstruct them. The implications are dire, and we all know that there are some twisted minds out there.

Fortunately, for everyone, a) these issues are not that hard to fix, and b) there are no signs that hackers have done any damage.

Still, it’s best to stay on the safe side. Nobody wants to hear some 40-year old man talking about whoever knows what with your child.

Source Image: 1


About John W Arthur

john@thenextdigit.com'
John is the head of our IT Security team and he writes about Security, IT news on The Next Digit. He was the Employee of the Year 2013 for his selfless support and efficiently setting up the whole security infrastructure. He also occasionally writes on "IT Sec Pro" Print Media of Sweden. All posts by John

Fatal error: Uncaught Exception: 12: REST API is deprecated for versions v2.1 and higher (12) thrown in /home/nitin198/public_html/wp-content/plugins/seo-facebook-comments/facebook/base_facebook.php on line 1273