Hello Barbie Doll Can Be Hacked

Print Email

The Barbie doll seems to be among the most benign toys on the planet. One of its new incarnations is not. The Hello Barbie, made by Mattel Inc. (NYSE: MAT), could be the target of hackers.

Barbie first appeared in 1959. Since then, Mattel has sold tens of millions of the dolls in dozens of incarnations, ranging from ones that can talk to ones which eat Oreos. Very modern technology allowed Mattel to create a Barbie with advanced voice recognition. The Hello Barbie toy has a microphone and speaker in its necklace and power button on its belt. Mattel says the doll cannot be used without parental approval. It comes with an app that allows conversation via Wi-Fi. It is this Wi-Fi application that makes Hello Barbie a target for malicious hackers.

Wi-Fi security expert Andrew Blaich wrote at tech site BlueBox:

For any connected device, strong security must take into account not just the device itself, but the full scope of apps and infrastructure associated with it. Along with independent security researcher Andrew Hay, Bluebox Labs has examined the security of the mobile components of Hello Barbie. This joint research covers the mobile app, both iOS and Android versions, developed by Mattel partner ToyTalk as well as communications between the app and cloud-based servers.

We discovered several issues with the Hello Barbie app including:

It utilizes an authentication credential that can be re-used by attackers
It connects a mobile device to any unsecured Wi-Fi network if it has “Barbie” in the name
It shipped with unused code that serves no function but increases the overall attack surface
On the server side, we also discovered:

Client certificate authentication credentials can be used outside of the app by attackers to probe any of the Hello Barbie cloud servers.
The ToyTalk server domain was on a cloud infrastructure susceptible to the POODLE attack

Barbie has become a sort of dangerous, portable, crude smartphone device priced at $79.44, its innocence destroyed.