Toy-Fi is also made by Spiral Toys, which has not commented on the vulnerability.Stiftung Warentest has also tested the Wowee Chip, which has the same Bluetooth vulnerabilities but hackers can only take remote control of the toy, not speak to the child.Last year, Germany’s telecoms watchdog ordered parents with the My Friend Cayla talking to doll to destroy it as it could be used to ‘illegally spy’ on children.This followed researchers and consumer groups having expressed concern that access to the doll was completely unsecured, in a similar way to the findings above.Our US colleagues, Consumer Reports, has also previously filed complaints in America about both toys.In July 2017, the FBI took the important step of issuing a warning about connected toys in general, stating that: ‘Security safeguards for these toys can be overlooked in the rush to market them and to make them easy to use.’ In the cases featured above, the security could have been increased with proper authentication on the Bluetooth connection.I discovered a few weeks ago that there is no firmware update available for my system, and while I can change the pw and have done so, the login name is hard coded.And, apparently the same Chinese company makes the firmware for most of these systems regardless of brand.
A North Carolina sheriff’s office is checking in arrestees by hand after a hacking attack on county government computers.
Watch our video below to see just how easy it is for anyone to take over the voice control of a popular connected toy, and speak directly to your child through it. Read on for the security breaches discovered in the popular Furby toy and see how easy it was for us to hack into a cute Cloud Pets cat.
With toys like these and other connected toys expected to be popular around Black Friday and Christmas, we’re calling for smart toys to be made secure, or taken off sale entirely.
Charlotte officials have said their computers aren’t affected by the hacking.
The sheriff’s office also posted a message that its website wasn’t able to process requests for information on jail inmates that are normally easily accessed by the public.