August 14, 2018
A group of security researchers have exposed a flaw in the Amazon Echo that allows hackers to secretly listen to unsuspecting users’ conversations – but only if they’re savvy enough to be able to carry out the attack.
In a presentation dubbed ‘Breaking Smart Speakers: We are Listening to You,’ researchers from Chinese tech giant Tencent explained how they were able to build a doctored Echo speaker and use that to gain access to other Echo devices.
The researchers have since notified Amazon of the vulnerability, and the company issued a patch in July.
‘After several months of research, we successfully break the Amazon Echo by using multiple vulnerabilities in the Amazon Echo system, and [achieve] remote eavesdropping,’ the researchers said in the presentation, which was given at the DEF CON security conference, according to Wired.
‘When the attack [succeeds], we can control Amazon Echo for eavesdropping and send the voice data through network to the attacker.’
First, the researchers took apart an Echo speaker and removed its flash memory chip.
This article was posted: Tuesday, August 14, 2018 at 5:53 am