Amazon Echo, Google Home Hack: Devices At Risk For Blueborne Attack

A number of serious security flaws discovered to affect Bluetooth devices earlier this year are now plaguing artificial intelligence-based, voice-activated speakers including Google Home and Amazon Echo. Security firm Armis--the same group that first disclosed the Bluetooth vulnerabilities, dubbed Blueborne, in September--has issued new warning that as many as 15 million Amazon Echo devices and five million Google Home speakers are currently at risk. According to researchers, the Amazon Echo is susceptible to two primary vulnerabilities related to Blueborne. The first is a remote code execution vulnerability that would allow an attacker to run arbitrary code on the device that could force it to perform malicious actions without the device owner's knowledge. In a demonstration video posted on YouTube Armis researchers, they show the attack in action.