04:38 GMT +312 November 2019
Listen Live
    Amazon Alexa

    Videos: Security Researchers Develop Apps to Hack Alexa, Google Home Devices

    © Photo : Amazon
    Tech
    Get short URL
    142
    Subscribe

    Security research hackers have developed third-party apps that can secretly listen to people’s conversations via Amazon Alexa and Google Home devices.

    Germany’s Security Research Labs released a statement Sunday confirming that it was able to successfully develop eight voice apps - called “skills” on Alexa and “actions” on Google Home - that posed as astrology and random number generator apps. The programs were able to listen to people's conversations through these speaker devices. The apps, which bypassed Amazon and Google’s security checkpoints for third-party apps, also tricked users into inputting their passwords by giving them fake notifications about software updates.

    "Customer trust is important to us, and we conduct security reviews as part of the skill certification process," an Amazon spokesperson told Business Insider following Sunday’s press release. "We quickly blocked the skill in question and put mitigations in place to prevent and detect this type of skill behavior and reject or take them down when identified. It's also important that customers know we provide automatic security updates for our devices, and will never ask them to share their password."

    A Google spokesperson also confirmed to Business Insider that it is taking steps to prevent such security lapses from being exploited again.

    "All Actions on Google are required to follow our developer policies, and we prohibit and remove any Action that violates these policies. We have review processes to detect the type of behavior described in this report, and we removed the Actions that we found from these researchers. We are putting additional mechanisms in place to prevent these issues from occurring in the future," the spokesperson confirmed.

    This is not the first time that security loopholes have been identified in popular virtual assistant devices. Last year, security researchers identified an error allowing a malicious app to spy on people’s conversations through an Alexa even when the app wasn’t in use.

    Related:

    Amazon to Provide ‘Opt Out’ Settings for Alexa After Outrage as Staff Listened to Users Having Sex
    'Can You Trust Amazon? Do Pigs Fly?' Twitter Slams Alexa Over Address Info Leak
    Sex Doll Collector Says Robots Will ‘Replace Amazon Alexa’ as Home Gadgets
    Sex, Spies, and Audio Tape: Amazon's Alexa Caught Snooping on Copulating Couples – Report
    Amazon's Alexa Now Understands, Speaks Fluent Hindi
    Tags:
    security, technology, Google, Amazon
    Community standardsDiscussion
    Comment via FacebookComment via Sputnik