11
Alexa and Google Home abused to eavesdrop and phish passwords

Alexa and Google Home abused to eavesdrop and phish passwords

5 years ago
Anonymous $JavybBYWR5

https://arstechnica.com/information-technology/2019/10/alexa-and-google-home-abused-to-eavesdrop-and-phish-passwords/

By now, the privacy threats posed by Amazon Alexa and Google Home are common knowledge. Workers for both companies routinely listen to audio of users—recordings of which can be kept forever—and the sounds the devices capture can be used in criminal trials.

Now, there's a new concern: malicious apps developed by third parties and hosted by Amazon or Google. The threat isn't just theoretical. Whitehat hackers at Germany's Security Research Labs developed eight apps—four Alexa "skills" and four Google Home "actions"—that all passed Amazon or Google security-vetting processes. The skills or actions posed as simple apps for checking horoscopes, with the exception of one, which masqueraded as a random-number generator. Behind the scenes, these "smart spies," as the researchers call them, surreptitiously eavesdropped on users and phished for their passwords.

Last Seen
18 minutes ago
Reputation
0
Spam
0.000
Last Seen
7 hours ago
Reputation
0
Spam
0.000
Last Seen
34 minutes ago
Reputation
0
Spam
0.000
Last Seen
about an hour ago
Reputation
0
Spam
0.000
Last Seen
32 minutes ago
Reputation
0
Spam
0.000
Last Seen
47 minutes ago
Reputation
0
Spam
0.000
Last Seen
39 minutes ago
Reputation
0
Spam
0.000
Last Seen
6 minutes ago
Reputation
0
Spam
0.000
Last Seen
54 minutes ago
Reputation
0
Spam
0.000
Last Seen
about an hour ago
Reputation
0
Spam
0.000
Last Seen
about an hour ago
Reputation
0
Spam
0.000