Cybersecurity researchers said they have uncovered “troubling vulnerabilities” within a widely used smart toy robot, raising serious concerns about children’s online safety.
Kaspersky, the cybersecurity company, presented findings of the recent investigation at the Mobile World Congress (MWC) Barcelona 2024, under the theme “How Can We Empower the Vulnerable in the Digital Environment?”
This interactive toy, described as a “tablet on wheels,” boasts features like gaming, educational applications, voice assistants, and internet connectivity, all powered by the Android operating system.
However, the flaws discovered in its system, including a built-in camera and microphone, could potentially expose children to cybercriminals who exploit these vulnerabilities to engage in clandestine video chats, researchers from the cybersecurity firm, Kaspersky, report.
However, the flaws discovered in its system, including a built-in camera and microphone, could potentially expose children to cybercriminals who exploit these vulnerabilities to engage in clandestine video chats, researchers from the cybersecurity firm, Kaspersky, report.
During the setup process, which involves linking the toy to a parent’s mobile device and providing basic information about the child, such as name and age, Kaspersky’s researchers identified a critical security gap: the absence of authentication enforcement in the Application’s Programming Interface (API).
This oversight, according to the findings, enables hackers to intercept sensitive data, including the child’s personal details such as the name, age, gender and even the IP address, via intercepting and analysing the network traffic address.
Furthermore, these vulnerabilities could allow cybercriminals to remotely access the toy’s camera and microphone, initiating video calls to the child without consent from the guardian or parent. Such unau ..
Support the originator by clicking the read the rest link below.
