Google and Amazon voice assistants vulnerable to attack
Over the past week, computer security researchers have discovered a security flaw that enabled Alexa and Google home to hack, voice assistants of both digital giants Amazon and Google. With this flaw it would be possible for all hackers, to record conversations of users of its assistants.
Google and Amazon have been informed by the cybersecurity specialists of the SRLabs structure. They were the ones who discovered the vulnerabilities that affected intelligent voice assistants. they then informed the general public of the danger that threatened them.
This article will also interest you: Privacy: Microsoft listens to Xbox users
How did this could have been possible? It's pretty simple. They have used malware that allows Lengthen listening time and record conversations with Speakers. The speakers of the assistants of course. As a result of the tests the researchers even managed to recover passwords from test users' Google accounts. "In the their research, these experts wanted to demonstrate the importance these third-party software for voice assistants. Similarly, this flaw shows that how essential it is to remove those that are no longer in use. » The SRLabs spokesperson explained.
At the moment there is no evidence that this hacking has already been used. No casualties have occurred and so far nothing on this side has been reported.
However, in a video that was presented by SRLabs researchers, one could see it's even researcher asking a Google home assistant to produce random numbers. Before realizing it the assistant continued to listen to the conversations, and it was the same with assistant Alexa. And it was realized that the assistants continue to record in silence even after the order given.
Using the same methods, it would be possible to recover the recordings at the expense of voice assistant users. "Other videos show how engineers manipulated both assistants to give identifiers or fake error messages." According to the online newspaper ZDNet. "Voice assistant providers like Google and Amazon don't often care about app updates, leaving the door open for hackers to do so. Keep going.
The two manufacturers of its voice assistants, including Google and Amazon, have claimed to have taken action to remedy this problem. On Amazon's side patches would have been made to fill the problem. On the Google side, it is claimed that it has already removed the actions initiated by researchers who managed to mislead the system of the Google home assistant. Their researchers are even currently doing an in-depth analysis of the third-party software used by the home voice assistant.
But all this appeals to us because this is not the first time that security vulnerabilities have been discovered on Alexa and Google home. Another flaw discovered and there is no evidence that it will be the last. if additional security measures are made to these tools, which are increasingly used by the general public, the manufacturing and programming methods should still be strengthened in order to be able to understand problems that may arise in the future as soon as possible.
Because the researchers were able to prove that it was possible to add more codes in applications used in the connected speakers of its voice assistants which could allow to do a kind of voice phishing, spy conversations as well as record them without the knowledge of users.
Now access an unlimited number of passwords: