1. Home Theater

Your Sonos or Bose speaker (probably) isn’t haunted, but it could be hacked

By

Sonos One
The idea of your internet-connected speakers and other smart devices talking to each other might sound crazy, but it’s more likely than you think. At least it is now that hackers have found a way to play any sound they want on certain speakers from Sonos and Bose, as Wired reports.

Cybersecurity company Trend Micro has found that models from Sonos, including the Sonos One and Sonos Play:1, as well as some Bose SoundTouch speakers, can be found relatively easily by remote attackers. Trend Micro found that between 2,000 and 5,000 Sonos devices could be found online, depending on the time of day, while 400 to 500 Bose systems could be found. Once the speaker is found, an attacker can play any audio of their choice through the speaker without much work.

While playing audio doesn’t sound like much of a threat — especially when compared to your smart home devices being made part of a botnet — it isn’t as innocuous as it sounds. Attackers could, for example, use a compromised speaker to play Alexa or Google Home commands. With our homes increasingly hosting these types of devices, and in the case of the Sonos One, having Alexa built in, this could give an attacker free reign over your smart devices.

Despite the potential consequences that this vulnerability could lead to, for the time being, there don’t seem to be reports of much beyond simple pranks. Earlier this year, a post by a Sonos owner on the company’s community forum complained of a series of spooky sounds emanating from their speaker — first the sound of a door opening, then glass breaking, then a baby crying. Eventually the customer pulled the plug to stop the sound.

Fortunately, this shouldn’t pose a problem for the average Sonos or Bose owner. Most home networks are secure enough to prevent the access needed for this type of attack. If, on the other hand, you’re running a game server or allowing other types of access to your home network from the internet, you might want to tighten up your security settings.

Sonos has issued a patch aimed at fixing this issue, and while Bose has yet to comment on the issue, it’s likely that a similar fix is on the way.

Editors' Recommendations

The best iPhone to buy in 2021

iPhone 12 composite

The 99 best movies on Hulu right now

Bill Murray and Jason Schwartzman in Rushmore.

Roku Streaming Stick 4K review: The Roku stick to get

Roku Streaming Stick 4K

The best Roku TVs for 2021

Woman looking away from a Roku TV screen.

With Tesla bleeding money, Elon Musk initiates hardcore spending review

Tesla Model Y front

Early Dell Black Friday Deals 2021: Save on gaming laptops, monitors and more!

Person sitting and holding Dell XPS 13 laptop on their lap.

Best cheap Blink camera deals for October 2021

Blink Home System security cameras on a kitchen counter.

Animal Crossing: New Horizons’ 2.0 update is gigantic

A Villager drinks coffee at The Roost in Animal Crossing: New Horizons.

Nintendo Switch Online’s Expansion Pack is a pricey online plan

nintendo switch online

Samsung Galaxy S21 FE might not launch at Unpacked 2 after all

what to expect samsung galaxy unpacked february 2020 2019 ceo feature v2

Back 4 Blood enemy guide: How to kill all Special Ridden

Back 4 Blood Stinger preparing to attack.

Microsoft might be building its own version of the Apple M1 chip for Surface

The interior of the Surface Laptop Studio.

Back 4 Blood’s card system explained

back 4 bloods card system explained 1920x1080 vtime 0 11 take 2021 10 14 29 36