Experts Warn That Hackers Could Be Spying On People's Amazon Echo
Published
| Last updated
Featured Image Credit: Amazon
Amazon's Echo smart speaker may be the latest must-have gadget but experts have revealed that it might not as secure as people think.
The speaker lets you control a virtual assistant called Alexa by using your voice, but it seems that hackers can get access to it.
Echo only picks up what you're saying if you actually say the word "Alexa" out loud. However a team of security experts have proved that they can spy anyone speaking near the device.
The expert team from China's Tencent Corporation demonstrated the attack at the DefCon security conference this weekend.
Researchers Wu Huiyu and Qian Wenxiang shared their alarming findings with Amazon who have since pushed out security fixes.
The researchers told Wired: "After several months of research, we successfully break the Amazon Echo by using multiple vulnerabilities in the Amazon Echo system, and [achieve] remote eavesdropping."
To break into the Echo the team had to take one apart and removed a flash memory chip from inside.
They then rewrote the firmware on the chip with their own hacked code and soldered it back onto the Echo's logic board. They were then able to use this to gain access to other Amazon Echo speakers.
All they had to do was put their Echo on the same Wi-Fi network as the speakers. This then allowed them to hear what was being said on the other end.
Cleary this type of security breach isn't something just anyone and everyone can do as the hacker would need major technical knowledge and enough time alone with the Echo speaker they intend to hack.
An Amazon spokesperson told The Sun: "Customer trust is important to us and we take security seriously.
"This issue would have required a malicious actor to have physical access to a customer's device and the ability to modify the device hardware.
"Customers do not need to take any action as their devices have been automatically updated with security fixes."