New Way Found to Use Alexa, Google to ‘Voice Phish’ and Eavesdrop on Users

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,005
Researchers have found new ways that bad actors can exploit Alexa and Google Home smart speakers to spy on users. This time the hack not only includes eavesdroping, but also includes voice-phishing, or using people’s voice cues to determine passwords.

The vulnerability lies in small apps created by developers for the devices to extend their capability called Skills for Alexa and second app called Actions on Google Home, according to a report by Security Research Labs (SRLabs). These apps “can be abused to listen in on users or vish (voice phish) their passwords,” researchers said.

“The privacy implications of an internet-connected microphone listening in to what you say are further reaching than previously understood,” researchers wrote in their report. “Users need to be more aware of the potential of malicious voice apps that abuse their smart speakers.”
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top