Researchers Hacked Amazon's Alexa To Spy On Users, Again

New submitter lod123 writes: A malicious proof-of-concept Amazon Echo Skill shows how attackers can abuse the Alexa virtual assistant to eavesdrop on consumers with smart devices -- and automatically transcribe every word said. Checkmarx researchers told Threatpost that they created a proof-of-concept Alexa Skill that abuses the virtual assistant's built-in request capabilities. The rogue Skill begins with the initiation of an Alexa voice-command session that fails to terminate (stop listening) after the command is given. Next, any recorded audio is transcribed (if voices are captured) and a text transcript is sent to a hacker. Checkmarx said it brought its proof-of-concept attack to Amazon's attention and that the company fixed a coding flaw that allowed the rogue Skill to capture prolonged audio on April 10.

My Alexa is air gapped

No hacking possible. It was the only way to have this nifty toy and be safe.

Re:My Alexa is air gapped

[93+Escort+Wagon]

No hacking possible. It was the only way to have this nifty toy and be safe.

I just left mine sitting on a shelf in an Amazon warehouse, unordered. I think that's the safest option.

No they didn't

[bistromath007]

This is like claiming you've hacked a glass to be able to hold water.

ObXKCD

[Zontar+The+Mindless]

Dear Editors,

Please save us some trouble and just start including this in every Alexa/Siri story posted here.

Thanks and regards,

--Z.

Re:How do you know if your echo has been patched?

[goombah99]

Did you try "sudo make me a sandwich"?