The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: Amazon echo

Hackers Can Silently Control Your Google Home, Alexa, Siri With Laser Light

Hackers Can Silently Control Your Google Home, Alexa, Siri With Laser Light
November 05, 2019Mohit Kumar
A team of cybersecurity researchers has discovered a clever technique to remotely inject inaudible and invisible commands into voice-controlled devices — all just by shining a laser at the targeted device instead of using spoken words. Dubbed ' Light Commands ,' the hack relies on a vulnerability in MEMS microphones embedded in widely-used popular voice-controllable systems that unintentionally respond to light as if it were sound. According to experiments done by a team of researchers from Japanese and Michigan Universities, a remote attacker standing at a distance of several meters away from a device can covertly trigger the attack by simply modulating the amplitude of laser light to produce an acoustic pressure wave. "By modulating an electrical signal in the intensity of a light beam, attackers can trick microphones into producing electrical signals as if they are receiving genuine audio," the researchers said in their paper [ PDF ]. Doesn't this so

Amazon Alexa Has Got Some Serious Skills—Spying On Users!

Amazon Alexa Has Got Some Serious Skills—Spying On Users!
April 26, 2018Mohit Kumar
"Alexa, are you spying on me?" — aaaa.....mmmm.....hmmm.....maybe!!! Security researchers have developed a new malicious 'skill' for Amazon's popular voice assistant Alexa that can turn your Amazon Echo into a full-fledged spying device. Amazon Echo is an always-listening voice-activated smart home speaker that allows you to get things done by using your voice, like playing music, setting alarms, and answering questions. However, the device doesn't remain activated all the time; instead, it sleeps until the user says, "Alexa," and by default, it ends a session after some duration. Amazon also allows developers to build custom 'skills,' applications for Alexa, which is the brain behind millions of voice-activated smart devices including Amazon Echo Show, Echo Dot, and Amazon Tap. However, security researchers at cybersecurity firm Checkmarx created a proof-of-concept voice-driven 'skill' for Alexa that forces device to indefin

Bluetooth Hack Affects 20 Million Amazon Echo and Google Home Devices

Bluetooth Hack Affects 20 Million Amazon Echo and Google Home Devices
November 16, 2017Swati Khandelwal
Remember BlueBorne? A series of recently disclosed critical Bluetooth flaws that affect billions of Android, iOS, Windows and Linux devices have now been discovered in millions of AI-based voice-activated personal assistants, including Google Home and Amazon Echo . As estimated during the discovery of this devastating threat, several IoT and smart devices whose operating systems are often updated less frequently than smartphones and desktops are also vulnerable to BlueBorne. BlueBorne is the name given to the sophisticated attack exploiting a total of eight Bluetooth implementation vulnerabilities that allow attackers within the range of the targeted devices to run malicious code, steal sensitive information, take complete control, and launch man-in-the-middle attacks. What's worse? Triggering the BlueBorne exploit doesn't require victims to click any link or open any file—all without requiring user interaction. Also, most security products would likely not be abl

Alexa, Are You Spying On Me? Not Really, Maybe, It's Complex!

Alexa, Are You Spying On Me? Not Really, Maybe, It's Complex!
August 02, 2017Mohit Kumar
Do you own an Amazon Echo? So are you also worried about hackers turning out your device into a covert listening device? Just relax, if there's no NSA, no CIA or none of your above-skilled friends after you. Since yesterday there have been several reports on Amazon Echo hack that could allow a hacker to turn your smart speaker into a covert listening device, but users don't need to worry because the hack is not simple, requires physical access to the device and does not work on all devices, as well. Amazon Echo is an always-listening voice-activated smart home speaker that is designed to play music, set alarms, answer questions via the Alexa voice assistant, and control connected smart home devices like WeMo, Hive and Nest. Hack Turns Amazon Echo Into Spying Device (But It's Complex) Now researchers from MWR InfoSecurity have demonstrated a hack, showing how hackers can exploit a vulnerability in some models of Amazon Echo to turn them into covert listening d

Police Ask for Amazon Echo Data to Help Solve a Murder Case

Police Ask for Amazon Echo Data to Help Solve a Murder Case
December 28, 2016Swati Khandelwal
Hey, Alexa! Who did this murder? Arkansas police are seeking help from e-commerce giant Amazon for data that may have been recorded on its Echo device belonging to a suspect in a murder case, bringing the conflict into the realm of the Internet of Things. Amazon Echo is a voice-activated smart home speaker capable of controlling several smart devices by integrating it with a variety of home automation hubs. It can do tasks like play music, make to-do lists, set alarms, and also provide real-time information such as weather and traffic. As first reported by The Information, authorities in Bentonville have issued a warrant for Amazon to hand over audio or records from an Echo device belonging to James Andrew Bates in the hope that they'll aid in uncovering additional details about the murder of Victor Collins. Just like Apple refused the FBI to help them unlock iPhone belonging to one of the San Bernardino terrorists, Amazon also declined to give police any of the info
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.