Researchers at Zhejiang University in China have developed a method to hijack intelligent voice assistants such as Siri and Alexa using sounds above the range of human hearing.
The researchers employed ultrasound to activate the assistant and take control of the speaker, smartphone, or other device, as well as accessing any connected systems.
The team says the attack works by converting the usual wake-up commands "Okay Google" or "Hey Siri" into high-pitched analogues. When a voice assistant hears these sounds, it recognizes them as legitimate commands.
The researchers were able to use this technique to open a malicious website to download malware and start a video or voice call to spy on its surroundings.
The team says an attacker would need to be near the target device for the hack to work, but it may be possible to play the commands via a hidden speaker as the attacker walks past.
From New Scientist
View Full Article
Abstracts Copyright © 2017 Information Inc., Bethesda, Maryland, USA
No entries found