Smart Speakers Another IoT Vulnerable to Hack

Security researchers recently showed the way hackers could attack home speakers connected to the Internet for doing mischief, identifying details of the owner, as well as determining the appliances' exact locations. The researchers in their study about the Bose SoundTouch and Sonos Play: 1 speakers unearthed several security holes which if exploited could let a remote attacker hack the devices.

The research team from Trend Micro discovered that a maximum of 5,000 Sonos One and Sonos Play:1 systems as well as approximately five hundred Bose SoundTouch speakers could be remotely hacked. However, the hack could happen with far more devices other than those the team scrutinized.

At present, the security holes' inference is barely beyond one funny mischief; however, there's a vital reminder from the research for users to exercise vigilance with the security of home networks. According to Research Director Mark Nunnikhoven at Trend Micro, the vulnerability leads to fast changes and suddenly it isn't just a mischief. He continues to state that the study highlights significant security problems that everyone requires remembering with the use of increasing smart technologies inside their households. Popsci.com posted this on the Web dated December 29, 2017.

It has been discovered that devices prone to hack were determinable via online searches employing the NMap and Shodan tools. To have a successful hack, there must be certain security flaws in the attacked speakers like some un-patched vulnerability alternatively absence of authentication along with exploitable components.

In response to Trend Micro's discoveries, Sonos has released one update to take care of the problem. The security company said it also contacted Bose but hadn't still got a reply for its discoveries. The Sonos vulnerabilities, especially, were likely to allow an attacker capture Sonos owners' information while also possibly let a device have restricted control for playing songs.

After an alert by Trend Micro to Sonos, the latter issued one update for its users. However, Bose hasn't still taken action on its security flaws. What's more, the speakers of both companies continue to be susceptible to API attack targeting audio systems as their speakers become reachable online.

» SPAMfighter News - 1/3/2018