Hackers Can Use Siri, Alexa and Google Now To Take Control Of Your Devices Remotely.
CuriousBytes: Researchers have figured a way how Hackers can now take control of your devices like Smartphones and Home Assistants that come with Personal Assistants like Alexa, Google Now and Siri. This new technique is called DolphinAttack and can be used remotely. Check the full article for more details about DolphinAttack.
Today Digital Assistants are present in every smart device. They are inside your phone, your home assistant and even inside your car. People are relying more on these Virtual assistants and this led hackers to target these assistants and gain control over user data.
Smartphones have become a part of our daily lives. Companies like Google, Amazon, Apple and Facebook are working to develop more smarter products, but it is not without risks.
The more they become smarter the more they process data and the more they are targeted. Hackers today can even crack down the Face recognition technology and can gain control over smart devices.
Researchers at Zhejiang University have demonstrated a way how digital assistants in smartphones, smart home products and even cars can be hacked using a completely inaudible frequency.
To be simple these Digital Assistants are tricked by sounds that are not audible to human ears.
This method of taking control over voice assistant-powered devices is called DolphinAttack, as this technique uses ultrasonic frequencies to mimic commands like “Hey Siri”, “Alexa” and “Okay Google” that turn on these assistants.
The researchers published a paper about this technique and this paper explains about the DolphinAttack. “In this paper, we propose DolphinAttack, an inaudible attack to SR systems. DolphinAttack leverages the AM (amplitude modulation) technique to modulate audible voice commands on ultrasonic carriers by which the command signals cannot be perceived by human,” the researchers said in their study.
Their study explains that these speech recognition systems can be comprised using DolphinAttack and hackers can execute commands like activating Siri to make a FaceTime call, activating Google Now to turn device to Airplane mode, and can even re-route the navigation system in an Audi.
To the greater extent hackers can even force the device to download a Malicious code from a remote server to infect your device or network.
Here is a demonstration video of the DolphinAttack where researchers initiated a call without directly talking to Siri in an audible tone.
The setup used in the above demonstration isn’t that sophisticated and one can easily find them in any electronics store as the setup basically consists of an amplifier, an ultrasonic transducer and a battery.
The more the surroundings are free from disturbances the more is the success rate for DolphinAttack. In busy areas like streets it is not easy to perform the attack as the nearby sounds interfere with the ultrasonic frequencies.
How To Protect Yourself From DolphinAttack?
As these digital assistants are generally present in smartphones hackers are likely to target these devices. The hidden truth is that these virtual assistants come with an option to turn on the devices using certain phrases and this setting is turned ON by default.
Turning of this setting can reduce the risk of getting hacked through this technique.
In iOS powered devices, you can go to Settings > General > Siri and turn off “Allow Hey Siri“.
In Android-powered phones, you can open the Google app, tap Menu Settings from the top left, select Voice “Ok Google” detection and turn it off.
What do you think of such hacking techniques? Do you think is it safe to use Virtual Assistants? Tell us your opinion in the comments below.