If you think the idea of your smart connected speakers talking on their own and controlling things in your home is crazy, give it a second thought. Researchers at security firm Trend Micro identified a creepy issue while investigating the network configuration of Sonos and Bose speakers. They found that Sonos models, including the Sonos One and Sonos Play:1, along with some Bose SoundTouch speakers, can be accessed remotely and then controlled to trigger smart commands or play audio with simple tricks. With the increasing number of smart home devices, this security loophole can give hackers control over your smart devices. Attackers can easily take control of such compromised speakers to play Alexa or Google Home commands.
The research showed that the exposed speakers can be easily spotted using scanning tools like Nmap and Shodan. The researchers were able to find 2,000-5,000 Sonos devices and 400-500 Bose devices online. These exposed models allowed any device on the same network to access the APIs used to interface with apps like Spotify or Pandora without requiring any authentication. The researchers used the API to instruct the speakers to play an audio file from an arbitrary URL, and the speakers happily obeyed.
While only a small number of devices happen to be affected, researchers warn that anyone who has left their network open to provide direct access to other servers over the internet could be vulnerable to the attack. “The unfortunate reality is that these devices assume the network they’re sitting on is trusted, and we all should know better than that at this point,” said Mark Nunnikhoven, a Trend Micro research director. “Anyone can go in and start controlling your speaker sounds,” if you have a compromised device, or even just a carelessly configured network.
There haven’t been any reports of abuse yet beyond some simple pranks, despite the severity of this security loophole. One Sonos owner, however, did post on the company’s community forum to complain about spooky sounds played on her speakers, which left her freaked out. The owner had actually fallen victim to Ghosty, a Sonos hack developed by Aaron Gotwalt that allows you to take control of a Sonos system and freak out people with spooky sounds.
Sonos pushed an update after Trend Micro warned about the issue, but Bose hasn’t yet responded regarding the security loopholes in its smart speakers. While the security threat isn’t critical for the average smart speaker user, it is indeed a wake-up call for all those who carelessly expose their home servers to external internet users.