Wednesday 11 March 2020

MSU RESEARCH FINDS A NEW WAY TO HACK SIRI AND GOOGLE ASSISTANT WITH ULTRASONIC WAVES

Researchers at the Michigan State University College of Engineering have discovered a new way for hackers to inexpensively target personal devices and put Apple’s Siri and Google Assistant to work against smartphone owners. Qin Yan, assistant professor in the Department of Computer Science and Engineering and lead author of the research, said the research team discovered a new attack factor — inaudible vibrations that can be sent through wood, metal and glass tabletops to command voice assistant devices up to 30 feet away.

The research, SurfingAttack, was presented Feb. 24 at the Network and Distributed System Security Symposium in San Diego. Yan advises smartphone owners to be wary of public charging stations. “Hackers could use malicious ultrasonic waves to secretly control the voice assistants in your smart devices,” he said. “It can be activated using phrases like, ‘OK Google’ or ‘Hey Siri,’ as wake-up words. Then, attack commands can be generated to control your voice assistants, like ‘read my messages,’ or make a fraud call using software engineering vs computer science.

“In other words,” Yan said, “they can call your friends, family, and colleagues and do all sorts of things – from canceling plans to asking for money. If you are tech-savvy and own voice controllable smart home gadgets, hackers may even use your smartphones to control your smart gadgets, for example, setting home temperature or opening the garage door.” Yan said hackers attach a low-cost piezoelectric transducer under a table or charging station, making it possible for an attacker to inconspicuously hijack two-factor authentication codes and even place fraudulent calls.

No comments:

Post a Comment

Worldwide ability is rotating north to Canada

 Those were the expressions of Shopify CEO Tobias Lutke in a tweet tending to gifted ability that are as of now kept from working in the U.S...