Blog

Researchers say they tricked Alexa into spying on them

By Nick V
May 7, 2018

Researchers at security firm Checkmarx say they built a proof-of-concept skill for Amazon’s Echo devices that in theory could have voice assistant Alexa listen to, transcribe, and report what users said after they thought they had finished using a legitimate service.

They took advantage of a feature that allows a skill to extend the time it listens to users after it’s been activated if it prompts them for more information by playing an inaudible prompt. That way, their skill, which offered a simple calculator, could keep getting transcripts from Alexa of what users said without them getting any audio cue that the device was still listening. A light would likely have been visible on affected devices, Threatpost reports, but users wouldn’t notice it unless they looked at the device.

About the Author

Nick V

See All Blogs >

Nick V

See All Blogs >

About the Author

Never miss an update. Subscribe today!

By submitting my information to Checkmarx, I hereby consent to the terms and conditions found in the Checkmarx Privacy Policy and to
the processing of my personal data as described therein. By clicking submit below, you consent to allow Checkmarx
to store and process the personal information submitted above to provide you the content requested.

More Resources to Consider

The Hidden Supply Chain Risks in Open-Source AI Models

•

November 27, 2023

Checkmarx + Vulcan Cyber: Enabling Customers to Mitigate AI Vulnerabilities

•

November 21, 2023

SCS_vision_blog

Attacker – hidden in plain sight for nearly six months – targeting Python developers

•

November 16, 2023

Python obfuscation traps

•

November 8, 2023

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.