Hackers Reveal How Smart Speakers Can Become Spying Devices

“Alexa, Stop Spying on Me”: Hackers Reveal How Smart Speakers Can Become Spying Devices

As a team of researchers recently demonstrated, the biggest threat to your privacy could be lurking in your home or office.

Smart speakers like Amazon Echo and Google Home have certainly made life more convenient—but have they also increased the risk that we could be spied on by our own devices? It’s certainly possible, as two researchers from Tencent Blade Team (a Chinese company that investigates tech security concerns) revealed at the latest Defcon hacking conference.

The researchers demonstrated that hackers can turn popular smart speakers into spy bugs, listening in on their unsuspecting owners. But before you take a baseball bat to your speaker, here’s what you need to know about this threat.

From smart speaker to sneaky spy bug

The researchers from Tencent Blade Team modified an Amazon Echo and removed its flash memory, along with other important components. Then they gave the flash memory new software and put it back into the speaker. This allowed them to identify several vulnerabilities in the speaker’s interface over a period of several months. Among these were bugs that hackers could potentially use to connect the speaker with the owner’s Amazon account.

If an attacker hacked into the user’s Wi-Fi network, they could then gain remote control of the speaker and record the owner’s private conversations. The victim would have no idea that their speaker was compromised.

Amazon on high alert

After Tencent’s presentation, Amazon promptly fixed the vulnerabilities across all its Echo speakers. If you have one of these devices, these updates were installed automatically. That means you no longer need to worry about hackers listening in on you—at least, not through this particular method.

Tencent says their goal is “to make the Internet a safer place for everyone.” They’ve already exposed more than 70 vulnerabilities in products made by manufacturers like Apple and Google.

Keep your smart speakers and more safe from threats

It’s fortunate for Amazon that Tencent discovered these smart speaker vulnerabilities and alerted the company—but most hackers won’t draw attention to a weak spot before they exploit it. That’s why it’s best to remain  alert, following the latest cyber security news and taking appropriate preventative measures whenever you can.

Whether it’s spying, stealing data, or modifying controls, hackers can attack your business in a number of devious ways. If they catch you unprepared, your organization could experience devastating breaches—putting time, money, and even your reputation on the line.

eMazzanti can help you put safeguards in check to protect your business, and the privacy of your clients. Reach out to us today to find out more about our cyber security solutions.

Bryan Antepara: IT Specialist

Bryan Antepara is a leader in Cloud engagements with a demonstrated history of digital transformation of business processes with the user of Microsoft Technologies powered by the team of eMazzanti Technologies engineers.

Bryan has a strong experience working with Office 365 cloud solutions, Business Process, Internet Information Services (IIS), Microsoft Office Suite, Exchange Online, SharePoint Online, and Customer Service.

He has the ability to handle the complexity of moving data in and out of containers and cloud sessions, makes him the perfect candidate to help organizations large and small migrate to new and more efficient platforms.  Bryan is a graduate of the University of South Florida and is Microsoft Certification holder.



Video Resources

Are You It Resources Effective In The New Normal


Are Your IT Resources Effective in the New Normal?

Align2020 A Virtual Conference


Align 2020
Cyber Security, Compliance & Collaboration

Best Practices For Working In A Modern, Mobile, And Secure Environment


Best Practices for Working in a Modern, Mobile, and Secure Environment