Security researchers say they found a way to make Amazon’s Alexa digital assistant listen in on its users indefinitely — and provide a transcript of everything said in front of the device.
Researchers at cybersecurity firm Checkmarx were able to create an Alexa skill — an application for the voice-activated assistant — which was able to eavesdrop on users.
“We went through the whole process of how Alexa communicates with the user and tried to take the view of the hacker and go step by step to see how we could leverage something that might seen benign, that might not seem risky but make it a risk,” Amit Ashbel, cyber security evangelist at Checkmarx told ZDNet.
Latest posts by Arden Rubens (see all)
- Uses CxSAST to Develop Secure Software - May 17, 2018
- CxSAST for Amazon Web Services - May 15, 2018
- Amazon’s Alexa could be tricked into snooping on users, say security researchers - May 7, 2018