Researchers have discovered a severe privacy issue in the Fisher-Price kids’ toy phone. Specifically, the lack of security checks allows turning the Fisher-Price Chatter Bluetooth phone into an audio bug.
Fisher-Price Chatter Phone Bug
Sharing the details in a blog post, Pen Test Partners has highlighted how the Fisher-Price Chatter Bluetooth phone can allow spying on users.
Fisher-Price is a popular kids’ toys brand owned by the Barbie-giant Mattel Inc. This brand produces numerous smart toys for kids, including the vulnerable Bluetooth phone.
Specifically, the researchers found that the Fisher-Price Chatter phone lacked authentication on incoming Bluetooth connections, becoming an audio bug.
While the phone should ideally allow pairing to the users’ smartphones only, in reality, it will enable any random incoming connection. Thus, it becomes possible for an adversary in range of the toy phone to connect to it via Bluetooth sneakily and listen to the nearby sounds.
Moreover, the toy phone also allowed auto-answering of incoming calls on the connected smartphone. This scenario also triggers a privacy breach if the Bluetooth toy phone is left unattended.
The only limiting feature in this toy phone is the necessity of picking up the handset to listen to the audio. However, this meager requirement isn’t a limitation, mainly if small children are around who may accidentally pick the handset upon ringing, or leave the handset aside after playing, thus allowing the auto-answering feature to trigger.
Recommended Mitigations
Currently, Mattel hasn’t commented about whether it plans to address this matter anytime soon. Unfortunately, it means all current users of this toy phone are at risk of eavesdropping by strangers via this small gadget.
Nonetheless, the researchers have recommended that adults thoroughly supervise the phone to mitigate the risks. It includes,
- Checking the phone’s Bluetooth paired devices to find any unknown connections.
- Ensuring the handset of the toy phone remains in place.
- Turning off the phone when not in use.
It isn’t the first case where a seemingly harmless toy turned into a spying vector. Earlier, the toy doll “My Friend Cayla” also demonstrated similar vulnerabilities that allowed eavesdropping. Consequently, Germany even banned the toy for privacy concerns urging parents to destroy it.
Let us know your thoughts in the comments.