Hackers might have stolen your Alexa’s voice library and account information
A new Alexa bug, recently revealed by cybersecurity researchers, showed that hackers have been able to target specific individuals and get unauthorized access to their voice library and account information. The vulnerability, now patched by Amazon, has not only been granting access to private information to bad actors, but they might have even been able to install new skills to the device. The revelation comes as yet another hit to voice assistants who have been shown to have security and privacy weaknesses since the moment they were released. Amazon declined that there have been any known cases of individuals being targeted by hackers using this particular technique.
Why would hackers want to steal your voice history?
If hackers have enough voice recordings, they can force a device such as Alexa to do something the device is not supposed to. They can get the gadget to open a malicious website or even get access to a connected bank account. Your voice could also be used to pass voice low-grade verification systems. In the recordings on Alexa, you might have something that could be used for blackmailing by criminals. While taking advantage of so many vulnerabilities at the same time is not something an average hacker can do, the fact that this has been possible for an undisclosed amount of time is undoubtedly scary.
Voice history could also be used to create audio deepfakes. While this is generally not a concern for everyday people, smart AI software might be able to explore how you talk and use the voice to create a conversation that never existed. In today’s world of politicized and fake news, a deepfake can cause significant damage to anyone, even if it is later proved to be false. Fake news sometimes ends up being seen millions of times before social media networks can react and remove them. Such content is often reproduced and reused again, making it hard for media platforms to contain the spread.
Even though voice assistants such as Alexa, Google Assistant, and others have been around for many years, the devices are not yet perfect, and security faults are not uncommon. The best way to make sure that you are not being listened to by a voice assistant device at home is to either not buy it or plug it off when you want to enjoy full privacy.
When hackers discuss possible targets, they never really say if something is possible, but how much effort they would need to put into hacking it. So basically, almost every system and device connected to the global network can somehow be traced and hacked. The good news is that antivirus software often makes the lives of hackers harder than usual, so having top-notch protection on your connected device is a must – one thing hackers love most is easy targets.
Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions. Initially focused on the development of antivirus software, the company has since expanded its line of business to advanced cyber-security services with technology for preventing cyber-crime.
Panda Free Antivitus
FREE TECHNICAL SUPPORT
