Amazon Echo is a smart speaker that the Amazon company launched some time ago on global markets, the product being highly sought after by consumers. Amazon Echo has a very good reputation because it offers a very good user experience, but it seems that it also has a major vulnerability that allows hackers to compromise the units to listen to our conversations.
The Amazon Echo must be physically modified by the hacker to gain access to the microphone remotely, and for now only models released before 2017 are affected. After exploiting an Amazon Echo unit, hackers can listen to absolutely everything that happens around such a device, they can practically spy on all the conversations that people have, without them knowing what is happening.
Amazon Echo can be exploited through this method to steal security tokens, as they provide access to other data from the smart box. To compromise the security of an Amazon Echo unit, it is necessary to insert an SD card when it starts, it contains software that rewrites the unit's operating system to allow audio recordings to be sent to hackers.
Amazon Echo – hackers can listen to all conversations
Amazon Echo with a rewritten operating system works just like a normal unit, so the user doesn't actually know what the hacker did with the unit. However, considering that it is necessary to insert an SD card into the Amazon Echo unit and rewrite the operating system, the procedure is neither simple nor very short, so the hacker must have access to the product for several tens of minutes.
Amazon Echo products uni 2015 and 2016 are vulnerable to this type of attack, those from Amazon confirming that the problem exists at the moment. Amazon recommends that customers install all updates for Amazon Echo that are available, but this does not protect them against attacks of this kind, because rewriting the operating system also deletes those updates.
“[The attack] does require physical access, which is a major limitation. However, product developers should not take it for granted that their customers won't expose their devices to uncontrolled environments such as hotel rooms."
Amazon Echo is an extremely popular smart speaker, and this vulnerability discovered now reveals just how dangerous it is to use these products. Basically, if a smart speaker like Amazon Echo can be hacked and the conversations can be monitored, then the ill-intentioned people can know everything we talk at any time, without any evidence of any hack.
