Ultrasonic waves do not make a sound, which means that the device can get hacked without alerting the owner.
People enjoy convenience in their daily lives. Thus, smart assistants are trending. Currently, you can find a smart speaker in four out of ten homes in the U.S. It is estimated that the U.S. smart speaker market will almost double by 2025. Voice-assisted speakers took the market by storm. In 2014, only half percent of U.S. households had them, compared to 40 percent at the moment.
In February 2020, a team of researchers hacked voice assistants on 15 of 17 popular smartphones. They tested both Apple (Siri) and Android (Google assistant) devices.
The main findings were:
Firstly, ultrasound can travel through solid surfaces to activate voice assistants. The waves are able to move through metal, wood, silicone rubber, and glass. In the experiment, the actual device transmitting ultrasonic waves was under the table, completely undetectable.
Secondly, it is possible to hear what the assistant answers and to continue the interaction. To do so, the first command sent to the device turns down the volume to a minimum. Then, the assistant’s responses get drowned in the noise of a busy street or a cafe.
Yet, sensitive microphones can intercept and amplify the response sound. Hence, hackers could carry out the attack while the phone owner is completely unaware. Using this approach, researchers were able to read messages, take photos, and make calls on the victim’s device.
This raises security concerns, as some banks use message authentication to access the account. Overall, findings lead to many new hacking opportunities.
On the matter, Rachel Welch, Chief Operating Officer of Atlas VPN, voiced her concern:
“The biggest issue with voice assistants - they are listening day and night. It is true that Siri or Google Assistant only answer when you mention their names. Yet, to detect when their names were mentioned, they have to listen continuously.”
To read the full report, head over to: