SMART home devices like the Amazon Echo can make your life way easier – but they’re not immune to causing a problem or two.
Hackers are always lurking and perfecting their techniques to break into smart devices.
1
Smart bugging
Hackers can install malware onto Amazon Echo devices that can be used to turn the gadget into a remote listening device.
This can then be used to pick up on general activity in the home so they know when it’s empty.
In 2017, British hacker Mark Barnes revealed how hackers could stream audio from an Echo device using a soldered SD card.
Luckily, this technique is not easy and can’t be done remotely.
The hacker has to have had access to the device in order to do this.
Soon after Barnes alerted people to this hack, Amazon made it nearly impossible for others to do so from 2017 onwards.
To better protect yourself, make sure you’re buying second hand Echo devices from reputable sources.
Check to see if the seller has sold items before, and whether they have good reviews.
Most read in Tech
Fake Alexa skills
Avid Alexa users are very familiar with the different skills the virtual voice assistant has, which are designed and offered by Amazon.
But users can actually download different skills from third-party developers.
Many of these can be helpful, and used to do things such as adding events to your Google calendar or even ordering pizza.
However, cyber criminals have been known to create Alexa skills that mask malware.
In 2018, researchers from Indiana University, the Chinese Academy of Science, and the University of Virginia found that using accents and mispronunciations could also inadvertently lead to accessing fake Alexa skills that masquerade as popular services.
For example, instead of saying “Alexa, install Capital One”, hackers can create an app called “Capital Won” which can be downloaded instead.
These can be used to gather personal information to be sold off to third parties.
The best way to avoid this is to frequently check your Alexa skills to make sure they are official applications.
However, it should be noted that Amazon has tough policies against this behaviour.
Any offending skills Amazon identifies are blocked during certification or quickly deactivated.
Voice faking
The third and final method is one that is expected to grow more common alongside the development of artificial intelligence (AI).
AI has become exceptional good at voice cloning in recent months.
But hackers can use voice faking tools to pretend to be you, which means they can access any accounts that are connected to the device.
To protect yourself against this, it’s wise to never post videos of yourself speaking commands online.
But as AI becomes smarter, you should also consider limiting how much you post your voice online in other clips.
Best Phone and Gadget tips and hacks
Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered…
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]
