HomeWinBuzzer NewsKaspersky Warns That Ultrasound Attacks Could Soon Control Your Digital Assistant

Kaspersky Warns That Ultrasound Attacks Could Soon Control Your Digital Assistant

Kaspersky Lab warns that attackers may soon be able to control user's smart speakers without them knowing it, using ultrasound or disguised music to perform silent commands.

-

When it comes to , user's main concern is often privacy. To enable their commands, the device must be listening all the time, and despite companies assurances that their data is safe, it creates a natural wariness.

However,  says users should also be worried about the voices of others – even if they can't hear them.

“In an article published in 2017, researchers from Zhejiang University presented a technique for taking covert control of voice assistants, named DolphinAttack, explains Kaspersky's Igor Kuksov.  “The research team converted voice commands into ultrasonic waves, with frequencies too high to be picked up by humans, but still recognizable by microphones in modern devices.”

As it turns out, assistants like Alexa, Cortana, and can hear better than we can. Researchers found that smart speakers can automatically hear and execute commands that humans are unaware of.

Bait-hoven

For now, this isn't a massive concern. Ultrasound is very short range unless you buy over 60 speakers like the University of Illinois. That could change in the future, though, and until then, attackers could use different techniques.

Kaspersky references work by the University of California that hid voice assistant commands in classical music and regular audio files. It managed to trick Mozilla's Deep Speech to navigate to evil.com with hidden noise in the sentence “without the data set the article is useless.”

These attacks are basically indistinguishable from a regular audio file and could be inadvertently played by users to navigate them to malicious sites or perform other tasks. Though these specific examples didn't work over the air, a combination of different techniques could create a successful exploit.

Before such attacks reach the mainstream, companies will have to come up with solutions. Theoretically, mitigations should be possible, but it's likely the attack landscape for smart speakers will continue to evolve, just like for PCs.

Ryan Maskell
Ryan Maskellhttps://ryanmaskell.co.uk
Ryan has had a passion for gaming and technology since early childhood. Fusing the skills from his Creative Writing and Publishing degree with profound technical knowledge, he enjoys covering news about Microsoft. As an avid writer, he is also working on his debut novel.

Recent News