Novel Attack Turns Amazon Devices Against Themselves
Researchers have figured out that they can remotely manipulate Amazon’s Echo smart device via its own speakers. The discovery was made by researchers at the University of London and the University of Catania. The flaw stems from what is referred to as a command self-issue vulnerability, meaning that pre-recorded messages played over a 3rd or 4th generation Echo speaker causes the speaker to perform actions on itself. Therefore, as smart speakers lay dormant during the day they could be activated when an audio file produced by the device itself contains a voice command. Although certain actions require confirmation for certain actions, the adversary has about six seconds to respond with “yes” to ensure success.
An attacker would need a smartphone or laptop within Bluetooth pairing range, however, to launch the attack. Unlike internet-based attacks, this one requires proximity to the Echo speaker being targeted. Researchers noted that Bluetooth devices can connect and disconnect from the Echo without needed to perform the pairing process again when it has been completed once. Therefore, an attack could happen several days after the pairing. Additionally, an attacker could use an internet radio station and target Echo like a command-and-control server.