The Barbie doll seems to be among the most benign toys on the planet. One of its new incarnations is not. The Hello Barbie, made by Mattel Inc. (NYSE: MAT), could be the target of hackers.
Barbie first appeared in 1959. Since then, Mattel has sold tens of millions of the dolls in dozens of incarnations, ranging from ones that can talk to ones which eat Oreos. Very modern technology allowed Mattel to create a Barbie with advanced voice recognition. The Hello Barbie toy has a microphone and speaker in its necklace and power button on its belt. Mattel says the doll cannot be used without parental approval. It comes with an app that allows conversation via Wi-Fi. It is this Wi-Fi application that makes Hello Barbie a target for malicious hackers.
Wi-Fi security expert Andrew Blaich wrote at tech site BlueBox:
For any connected device, strong security must take into account not just the device itself, but the full scope of apps and infrastructure associated with it. Along with independent security researcher Andrew Hay, Bluebox Labs has examined the security of the mobile components of Hello Barbie. This joint research covers the mobile app, both iOS and Android versions, developed by Mattel partner ToyTalk as well as communications between the app and cloud-based servers.
We discovered several issues with the Hello Barbie app including:
It utilizes an authentication credential that can be re-used by attackers
It connects a mobile device to any unsecured Wi-Fi network if it has “Barbie” in the name
It shipped with unused code that serves no function but increases the overall attack surface
On the server side, we also discovered:Client certificate authentication credentials can be used outside of the app by attackers to probe any of the Hello Barbie cloud servers.
The ToyTalk server domain was on a cloud infrastructure susceptible to the POODLE attack
Barbie has become a sort of dangerous, portable, crude smartphone device priced at $79.44, its innocence destroyed.
100 Million Americans Are Missing This Crucial Retirement Tool
The thought of burdening your family with a financial disaster is most Americans’ nightmare. However, recent studies show that over 100 million Americans still don’t have proper life insurance in the event they pass away.
Life insurance can bring peace of mind – ensuring your loved ones are safeguarded against unforeseen expenses and debts. With premiums often lower than expected and a variety of plans tailored to different life stages and health conditions, securing a policy is more accessible than ever.
A quick, no-obligation quote can provide valuable insight into what’s available and what might best suit your family’s needs. Life insurance is a simple step you can take today to help secure peace of mind for your loved ones tomorrow.
Click here to learn how to get a quote in just a few minutes.
Thank you for reading! Have some feedback for us?
Contact the 24/7 Wall St. editorial team.
Latest from 24/7
Our expert who first called NVIDIA in 2009 is predicting 2025 will see a historic AI breakthrough.
You can follow him investing $500,000 of his own money on our top AI stocks for free.