Hacking Alexa through Alexa’s Speech

Bruce Schneier posted about a vulnerability within Amazon tools that allows an attacker to instruct a tool to allow connections to unauthorized devices. This allows the attacker to take control of the system as long as he/she is within Bluetooth range. Details on this attack can be found on Bruce’s post found HERE.

The good news is the system has to be vulnerable and the attacker must be within voice distance to the device. The bad news is its pretty simple to execute. This type of attack shouldn’t be a huge shock but its worth knowing about if you have Alexa enabled devices connected to a network with sensitive equipment or you are concerned about somebody obtaining sensitive data from your Amazon devices.

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.