VTech Faces More Problems; Security Researchers Reveal More Security Loopholes
Phenny Lynn Palec | | Dec 03, 2015 09:25 AM EST |
(Photo : Getty Images) VTech claims that despite the severity and sophistication of the attack, no credit card data was stolen.
Things are getting from bad to worse for toy manufacturer VTech. Following the recent hack that leaked data of more than 6.4 million children and 4.8 million adults which led the company's stock price to drop to its lowest point this year, an investigation launched by security researchers has revealed that the InnoTab Max tablet for kids has two glaring vulnerabilities. VTech is refusing to answer questions about whether the company even has a security team.
Like Us on Facebook
Pen Test Partners security expert Ken Munro is responsible for the discovery of the security loopholes buried deep inside InnoTab. The flaw was easy to spot as it reportedly has already been known to the tech security community for at least two years. The security loophole lies in the Rockchip RK3168 processor of the tablet which allows anyone with access to the device to easily steal data from the tablet's memory using a freely available hacking tool called RKFLASHTOOL.
In his blog post, Munro wrote, "This bug has been known about for well over two years. It's a bit lame of VTech to continue shipping vulnerable tablets, tablets that expose children's data."
Another security flaw discovered by Munro on the InnoTab device lies on the microSD slot embedded on the motherboard that stores user data and filesystem. This type of storage system will essentially give hackers an easy route to access sensitive user data.
According to Forbes, in many ways, VTech did not adhere to accepted security standards. The hack itself that exposed massive amounts of sensitive user data was perpetrated using an age-old hacking technique of SQL injection. VTech's website is also not protect by SSL web encryption and the company is storing user data in unencrypted fashion. Security experts also found out that VTech's Android application, used by parent to communicate to their children, is vulnerable to hacking.
TagsVTech, VTech Hack, hackers, VTech problems, Security, online security, VTech news, VTech toys, VTech Security Loopholes, VTech InnoMax Tablet
©2015 Chinatopix All rights reserved. Do not reproduce without permission
EDITOR'S PICKS
-
Did the Trump administration just announce plans for a trade war with ‘hostile’ China and Russia?
-
US Senate passes Taiwan travel bill slammed by China
-
As Yan Sihong’s family grieves, here are other Chinese students who went missing abroad. Some have never been found
-
Beijing blasts Western critics who ‘smear China’ with the term sharp power
-
China Envoy Seeks to Defuse Tensions With U.S. as a Trade War Brews
-
Singapore's Deputy PM Provides Bitcoin Vote of Confidence Amid China's Blanket Bans
-
China warns investors over risks in overseas virtual currency trading
-
Chinese government most trustworthy: survey
-
Kashima Antlers On Course For Back-To-Back Titles
MOST POPULAR
LATEST NEWS
Zhou Yongkang: China's Former Security Chief Sentenced to Life in Prison
China's former Chief of the Ministry of Public Security, Zhou Yongkang, has been given a life sentence after he was found guilty of abusing his office, bribery and deliberately ... Full Article
TRENDING STORY
-
China Pork Prices Expected to Stabilize As The Supplies Recover
-
Elephone P9000 Smartphone is now on Sale on Amazon India
-
There's a Big Chance Cliffhangers Won't Still Be Resolved When Grey's Anatomy Season 13 Returns
-
Supreme Court Ruled on Samsung vs Apple Dispute for Patent Infringement
-
Microsoft Surface Pro 5 Rumors and Release Date: What is the Latest?