Goto

Collaborating Authors

 security researcher expose new alexa


Security researchers expose new Alexa and Google Home vulnerability

#artificialintelligence

Security researchers with SRLabs have disclosed a new vulnerability affecting both Google and Amazon smart speakers that could allow hackers to eavesdrop on or even phish unsuspecting users. By uploading a malicious piece of software disguised as an innocuous Alexa skill or Google action, the researchers showed how you can get the smart speakers to silently record users, or even ask them for the password to their Google account. The vulnerability is a good reminder to keep a close eye on the third-party software that you use with your voice assistants, and to delete any that you're unlikely to use again where possible. There's no evidence that this vulnerability has been exploited in the real world, however, and SRLabs disclosed their findings to both Amazon and Google before making them public. In a series of videos, the team at SRLabs has shown off how the hacks work. One, an action for Google Home, allows the user to ask for a random number to be generated.