Hackers could spy on your children via a popular Christmas toy

This Christmas, your kids could be asking for a tablet to use for themselves, but you may be understandably reluctant to hand them a pricey iPad. Perhaps you'll instead look into one of the many off-brand kids tablets that have flooded the market since the technology became cheaper to mass-produce. However, it's worth being aware of the risks that can be involved with lesser-known toys, particularly as one model has been revealed as being vulnerable to hackers. 

Inexpensive tablet has security flaws

The tablet in question is called the 'InnoTab Max' or the 'Storio Max'. It's an attractive option for parents owing to the relatively inexpensive price tag when compared to Apple products, standing at around £115. Another aspect parents will love is the fact that websites have to be approved before kids can access them on the device. However, less popular will be the fact that hackers can use a security vulnerability to spy on the user. 

Successful hackers can take control of the camera and microphone, watching and listening to children who use the tablet. Perhaps most worryingly is the fact that hackers could potentially even take control of the built-in speakers, speaking directly to the user. These revealations were first discovered at a London-based company known as 'SureCloud', who found that if one of the pre-authorised websites were compromised, it could lead to a vulnerability in the tablet's security. Once you know about the exploit, researchers explained that it was easy to take advantage of, and that it allowed malicious code to be remotely launched from a distance. 

What the company says

Thankfully, after the flaw was exposed, the Chinese firm that owns the product released a patch to the device, which solves the problem. The company has since released a number of comments on the issue, highlighting how the 'hack' was achieved by an experienced company that specialises in exposing security flaws within products. Still, it is an eye-opening reminder of the security issues that can be found in any always-connected device, particularly one with audio and video capabilities. 

'This was a controlled and targeted “ethical hack” by SureCloud, which is a sophisticated cyber firm that was in possession of a detailed knowledge of hacking techniques and InnoTab/Storio Max’s firmware.

'We are not aware of any actual attempt to exploit the vulnerability and we consider the prospects of this happening to be remote. 

'However, the safety of children is our top priority and we are constantly looking to improve the security of our devices.'  

WiseGuys' advice to customers is to be wary of what devices you're handing to your kids, especially with mounting peer pressure when other families are getting their children connected at a younger and younger age. Official Apple and Google devices have heaps of customisation options that can lock down the activities and amount of time that children can spend online. What's more, they're coming from a reputable company with years' worth of experience protecting users from security issues, even if they do cost a little bit more.

If you're looking for advice on applications and settings that can help protect the family, such as Apple's Screen Time app, or any other parental controls, then get in touch with WiseGuys and we can help. You can reach us on 0808 123 2820. 

Latest Articles

General January 09, 2017

The Microsoft Scam

The Microsoft Scam. Find out what it is and how to protect yourself.