
How does an Amazon Echo vulnerability enable attackers to eavesdrop?

Hackers could take advantage of a physical Amazon Echo vulnerability to turn the Echo into a listening device. Judith Myerson explains how this works and what can be done about it.

Research from MWR InfoSecurity Ltd. shows that threat actors can install malware on an Amazon Echo and turn it into a listening device. How effective is this attack, and is there any way to determine if an Amazon Echo has been compromised?

An attacker needs to gain a root shell on the Echo's Linux operating system to install malware and exploit this Amazon Echo vulnerability.

By removing the rubber base of the Amazon Echo, the attacker could use an external SD card to boot into the device's firmware, as the MWR researchers demonstrated. After putting the base back, a tech-savvy attacker could use a mobile device to remotely access the always-listening microphone. The audio could be streamed to a remote server, played out of the speakers or saved as a WAV file.

The listening microphone will wake up after the victim says "Alexa." Everything the victim says is then recorded in the background. This includes telling the Echo what music to play, who to call and when to send messages. The victim could ask for the news he wants and the scores for his favorite sports. The victim could also control lights, TVs, thermostats and garage doors. When the Echo is used with a mobile device running the Alexa app -- on Android or iPhone -- the victim could search for consumer items by voice, using the Echo as a virtual assistant device. The attacker would get a gold mine of the victim's shopping preferences.

The physical Amazon Echo vulnerability affects the 2015 and 2016 editions of the Amazon device. The 2017 edition and the Amazon Echo Dot model are free from this vulnerability.

It is not possible to apply software or firmware updates to correct the design flaw in the affected Echo models, and there is no way for the victim to determine if the vulnerability on the physical device has been exploited.

The victim may find it inconvenient to physically press the mute button to disable the microphone or to fully turn off the Echo. A better approach to protect against this Amazon Echo vulnerability is to monitor the network traffic on your mobile device and look for any anomalous activity that might indicate a compromise. Many monitoring tools for mobile devices are available. If there is suspicious traffic from your Echo, you may want to think about replacing it with a newer model.
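The traffic check described above, sketched as an added example (not code from the article or from MWR): it totals flow records per destination and flags sustained, upload-dominant traffic from the Echo to hosts outside a known baseline, which is the pattern audio streamed to a remote server would produce. The Echo's address, the allow-list suffix, the thresholds and the CSV layout are all assumptions, and the flow records are constructed.

```python
import csv
import io
from collections import defaultdict

ECHO_IP = "192.168.1.50"                 # assumed LAN address of the Echo
ALLOWED_SUFFIXES = (".vendor.example",)  # assumed baseline of expected endpoints
MIN_SECONDS = 60         # assumed: ignore brief uploads
MIN_UPLOAD_BPS = 8000    # assumed bytes/second floor for a sustained stream
MIN_OUT_IN_RATIO = 4.0   # assumed: a stream leaving the device is upload-dominant

# Constructed flow records, as a home router or flow collector might export them.
SAMPLE_FLOWS = """\
start,src_ip,dst_host,dst_port,duration_s,bytes_out,bytes_in
2017-10-02T08:01:10,192.168.1.50,voice.vendor.example,443,15,60000,400000
2017-10-02T08:02:00,192.168.1.50,203.0.113.25,8080,300,9600000,12000
2017-10-02T08:07:05,192.168.1.50,203.0.113.25,8080,200,6400000,8000
2017-10-02T08:10:00,192.168.1.50,time.pool.example,123,1,96,96
2017-10-02T08:12:00,192.168.1.50,updates.cdn.example,443,120,40000,52000000
2017-10-02T08:15:00,192.168.1.23,198.51.100.7,443,600,30000000,1000
"""

def suspicious_destinations(flow_csv):
    """Return (destination, total_seconds, upload_bytes_per_second) findings."""
    totals = defaultdict(lambda: [0, 0, 0])  # dst -> [seconds, bytes_out, bytes_in]
    for row in csv.DictReader(io.StringIO(flow_csv)):
        if row["src_ip"] != ECHO_IP:
            continue                         # only the Echo's own traffic
        dst = row["dst_host"].lower().rstrip(".")
        if dst.endswith(ALLOWED_SUFFIXES):
            continue                         # expected endpoint, part of the baseline
        agg = totals[dst]
        agg[0] += int(row["duration_s"])
        agg[1] += int(row["bytes_out"])
        agg[2] += int(row["bytes_in"])
    findings = []
    for dst, (secs, out, inn) in sorted(totals.items()):
        if secs < MIN_SECONDS:
            continue
        rate = out / secs                    # summing flows catches split streams
        if rate >= MIN_UPLOAD_BPS and out / max(inn, 1) >= MIN_OUT_IN_RATIO:
            findings.append((dst, secs, round(rate)))
    return findings

if __name__ == "__main__":
    for dst, secs, rate in suspicious_destinations(SAMPLE_FLOWS):
        print(f"review: {ECHO_IP} -> {dst}: {secs}s at ~{rate} B/s outbound")
```

Build the allow-list from what the device contacts during normal use on your own network before trusting the findings.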


This was last published in October 2017
