“Alexa, Stop Spying on Me”: Hackers Reveal How Smart Speakers Can Become Spying Devices

As a team of researchers recently demonstrated, the biggest threat to your privacy could be lurking in your home or office.

Smart speakers like Amazon Echo and Google Home have certainly made life more convenient—but have they also increased the risk that we could be spied on by our own devices? It’s certainly possible, as two researchers from Tencent Blade Team (a Chinese company that investigates tech security concerns) revealed at the latest Defcon hacking conference.

The researchers demonstrated that hackers can turn popular smart speakers into spy bugs, listening in on their unsuspecting owners. But before you take a baseball bat to your speaker, here’s what you need to know about this threat.

From smart speaker to sneaky spy bug

The researchers from Tencent Blade Team modified an Amazon Echo and removed its flash memory, along with other important components. Then they gave the flash memory new software and put it back into the speaker. This allowed them to identify several vulnerabilities in the speaker’s interface over a period of several months. Among these were bugs that hackers could potentially use to connect the speaker with the owner’s Amazon account.

If an attacker hacked into the user’s Wi-Fi network, they could then gain remote control of the speaker and record the owner’s private conversations. The victim would have no idea that their speaker was compromised.

Amazon on high alert

After Tencent’s presentation, Amazon promptly fixed the vulnerabilities across all its Echo speakers. If you have one of these devices, these updates were installed automatically. That means you no longer need to worry about hackers listening in on you—at least, not through this particular method.

Tencent says their goal is “to make the Internet a safer place for everyone.” They’ve already exposed more than 70 vulnerabilities in products made by manufacturers like Apple and Google.

Keep your smart speakers and more safe from threats

It’s fortunate for Amazon that Tencent discovered these smart speaker vulnerabilities and alerted the company—but most hackers won’t draw attention to a weak spot before they exploit it. That’s why it’s best to remain  alert, following the latest cyber security news and taking appropriate preventative measures whenever you can.

Whether it’s spying, stealing data, or modifying controls, hackers can attack your business in a number of devious ways. If they catch you unprepared, your organization could experience devastating breaches—putting time, money, and even your reputation on the line.

eMazzanti can help you put safeguards in check to protect your business, and the privacy of your clients. Reach out to us today to find out more about our cyber security solutions.