Skip to main content
  1. Home
  2. Audio / Video
  3. News

Your Sonos or Bose speaker (probably) isn’t haunted, but it could be hacked

By

Sonos One
Image used with permission by copyright holder
The idea of your internet-connected speakers and other smart devices talking to each other might sound crazy, but it’s more likely than you think. At least it is now that hackers have found a way to play any sound they want on certain speakers from Sonos and Bose, as Wired reports.

Cybersecurity company Trend Micro has found that models from Sonos, including the Sonos One and Sonos Play:1, as well as some Bose SoundTouch speakers, can be found relatively easily by remote attackers. Trend Micro found that between 2,000 and 5,000 Sonos devices could be found online, depending on the time of day, while 400 to 500 Bose systems could be found. Once the speaker is found, an attacker can play any audio of their choice through the speaker without much work.

While playing audio doesn’t sound like much of a threat — especially when compared to your smart home devices being made part of a botnet — it isn’t as innocuous as it sounds. Attackers could, for example, use a compromised speaker to play Alexa or Google Home commands. With our homes increasingly hosting these types of devices, and in the case of the Sonos One, having Alexa built in, this could give an attacker free reign over your smart devices.

Related

Despite the potential consequences that this vulnerability could lead to, for the time being, there don’t seem to be reports of much beyond simple pranks. Earlier this year, a post by a Sonos owner on the company’s community forum complained of a series of spooky sounds emanating from their speaker — first the sound of a door opening, then glass breaking, then a baby crying. Eventually the customer pulled the plug to stop the sound.

Fortunately, this shouldn’t pose a problem for the average Sonos or Bose owner. Most home networks are secure enough to prevent the access needed for this type of attack. If, on the other hand, you’re running a game server or allowing other types of access to your home network from the internet, you might want to tighten up your security settings.

Sonos has issued a patch aimed at fixing this issue, and while Bose has yet to comment on the issue, it’s likely that a similar fix is on the way.

Editors’ Recommendations

Topics
Kris Wouk
Kris Wouk
Former Digital Trends Contributor
Kris Wouk is a tech writer, gadget reviewer, blogger, and whatever it's called when someone makes videos for the web. In his…
The Beats Pill is back, baby!
A pair of Beats Pill speakers.

In what's been one of the worst-kept secrets of the year -- mostly because subtly putting a product into the hands of some of the biggest stars on the planet is no way to keep a secret -- the Beats Pill has returned. Just a couple of years after Apple and Beats unceremoniously killed off the stylish Bluetooth speaker, a new one has arrived.

Available for preorder today in either black, red, or gold, the $150 speaker (and speakerphone, for that matter) rounds out a 2024 release cycle for beats that includes the Solo Buds and Solo 4 headphones, and comes nearly a year after the Beats Studio Pro.

Read more
Ifi’s latest DAC is the first to add lossless Bluetooth audio
Ifi Audio Zen Blue 3 DAC (front).

Ifi Audio's new Zen Blue 3 wireless digital-to-analog converter (DAC) will officially be available to buy for $299 on July 9. When it is, it will be the first device of its kind to support a wide variety of Bluetooth codecs, including Qualcomm's aptX Lossless, the only codec that claims to deliver bit-perfect CD quality audio over a Bluetooth connection.

Admittedly, there are very few devices on the market that can receive aptX Lossless (and fewer that can transmit it), so it's a good thing that the Zen Blue 3 also works with the more widely supported aptX Adaptive, LDAC, and LDHC/HWA codecs (all of which are hi-res audio-capable), plus the three most common codecs: AAC, SBC, and aptX.

Read more
The new Beats Pill might replace Sonos on my back porch
The 2024 Beats Pill and an aging Sonos Play:1.

If I were to build an outdoor stereo in 2024, I'd do it with a pair of portable Beats Pills instead of Sonos speakers. Phil Nickinson / Digital Trends

In 2017, after more than a decade in our home, my wife and I added a pool. With it came a covered deck, making what basically was a new outdoor room. Not uncommon at all in Florida, but new to us.

Read more