How hackers could turn Alexa bad

Remigio Civitarese
Agosto 16, 2020

According to Check Point, IoT devices like Alexa devices still lack adequate security. The Alexa Hack only requires a single click on a malicious link. By default, the virtual assistant basically records and archives everything you say when an Alexa-enabled device is activated.

This could have allowed anyone with the right knowledge to secretly install or remove skills (an app or capability) on a user's Alexa account, listen to their voice history or access personal information.

The security researchers reached out to Amazon. which fixed the vulnerabilities prior to Check Point publishing the details. Recently, the vulnerability was found in Amazon Alexa, which could allow the hacker to get access to all the data of the users.

With access granted, a hacker could obtain the user's voice history along with their username, home address and phone number.

The analysts nitty gritty the weakness in a report delivered Thursday, saying potential programmers could have commandeered the voice associate gadgets utilizing pernicious Amazon joins. Counterpoint has shown that the Alexa skills are yet another attack vector that can't be countered by Anti-Virus or Malware software.

Even though Alexa, Google Assistant, Siri and other smart devices makes life more comfortable, but they have more responsibility.

"What we do know is that Alexa had a significant period of time where it was vulnerable to hackers", Check Point spokesman Ekram Ahmed told Fox News. What kind of personal information?

"The security of our devices is a top priority, and we appreciate the work of independent researchers like Check Point who bring potential issues to us". "We fixed this issue not long after it was drawn out into the open, and we keep on facilitating reinforce our frameworks".

However, Amazon has fixed the bugs and said that none of the vulnerabilities was used. Now, security experts have discovered a critical flaw in Alexa that could have exposed the voice history of millions of Alexa users across the globe to hackers.

It will also delete Alexa's responses to those queries.

Amazon also has systems in place to prevent the publication of malicious skills in its Skills Store, the person said, adding that any offending skills that are identified are blocked during certification or quickly deactivated.

Alexa is capable of voice interaction, setting alerts, music playback, and controlling smart devices in a home automation system.

Cybersecurity researchers from Check Point Research have documented an exploit in Amazon's Alexa that could have led to serious breaches of user data had it not been patched.

Some precautionary measures users can take include not installing unfamiliar apps on your smart speaker and being careful what sensitive information you share with your smart speakers such as passwords and bank account information, Check Point said.

Altre relazioniGrafFiotech

Discuti questo articolo

Segui i nostri GIORNALE