SafeUM

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
2 Aug 2017

This Amazon Echo hack can make your speaker spy on you

A vulnerability in older Amazon Echo devices can be used to make the home assistant relay conversations to eavesdroppers while the owner remains none the wiser.

Research by MWR InfoSecurity found it's possible to turn an Amazon Echo into a covert listening device without affecting its overall functionality. One big limiting factor: the process does involve the attacker being able to gain access to the physical unit, but it's possible to tamper with the Echo without leaving any evidence.

The vulnerability comes as a result of two design choices: exposed debug pads on the base of the device and a hardware configuration setting which allows the device to boot from an external SD card. By exploiting these two features, the attacker can access the root shell on the Linux operating system and perform the attack. By removing the rubber base of the Amazon Echo, researchers gained access to 18 debug pads which can be used to directly boot into the firmware of the device via an external SD card and install malware, enabling access to the root shell and giving researchers the ability to access the 'always listening' microphones.

"If you're an attacker, you could build a device, place it onto that pad, give it a minute or so then remove it and you'll have the capability to gain access to the entire operating system running at the highest privileged user you can be at this level," Mark Barnes, security consultant at MWR InfoSecurity, told ZDNet.

All of this can be done without leaving any physical evidence, as the rubber base of the device can be reattached after the process is complete. Researchers were able to examine how audio media was processed on the device, and then developed scripts that leveraged functions that let them stream audio to a remote server -- all without impacting its functionality.

The eavesdropped audio could then be played back on a remote device, allowing researchers to listen in to conversations that took place in front of the attacked Echo. Barnes described how he was able to compromise the device: "First of all, I go about installing a remote shell, giving me the command line of the device over to my computer, so it's as if I'm on the computer inside the Echo itself as the boot user," he said.

"Then I worked out how the audio worked in the system, hooked myself in. Then I could keep listening to the audio -- that could then be sent through to the network and I could listen in through the microphone without the user being aware," Barnes added. Both the 2015 and 2016 versions of Amazon Echo have been confirmed to be vulnerable to this exploit. The 2017 version and the smaller Amazon Dot can't be attacked in this way, however.

The physical effort involved in carrying out this attack means that it's very unlikely that hackers could compromise an Echo in such a manner -- especially when so many other Internet of Things devices with listening capabilities can be remotely attacked. However, IoT devices like this are becoming more and more common in the home and workplace.

Another feature which limits the impact of the hack is that all Amazon Echos come with a mute button which can turn off the microphone: anyone concerned about being snooped on can simply turn it off, and their conversations won't be able to be heard by the device or anyone who could potentially be listening in.

It's also possible to avoid much of the risk by ensuring any device purchased is bought brand new and from a trusted seller, which avoids the possibility of a previous owner having potentially tampered with the device. Users should also avoid lending out the device and ensure the software is kept up to date.

"Customer trust is very important to us. To help ensure the latest safeguards are in place, as a general rule, we recommend customers purchase Amazon devices from Amazon or a trusted retailer and that they keep their software up-to-date," an Amazon spokesperson told ZDNet. The research illustrates how organisations looking to install Internet of Things devices should ensure they have an appropriate security policy that takes into account any potential new risks.

"The key takeaway is about ensuring that if you're producing a product that it has adequate security assessments and also if you're planning on buying things and bringing them into your business, you want them in a secure, trusted location," said Barnes.



Tags: surveillance, Amazon
Source: ZDNet