• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Spying Amazon Echo – Daily Security Byte

August 2, 2017 By Corey Nachreiner

The media has always been fascinated with devices spying on you. When researchers hacked TVs with a built in microphone, everyone wanted to know what hackers would turn into bugs next. Always listening electronic assistants like Alexa, Cortana, and Siri made obvious targets, but no one had cracked those products. That is, until now. Researchers at MWR InfoSecurity have found a way to hack an Amazon Echo and turn it into a remote listening device. The good news is it requires physical access and significant work to pull off. Watch the video below for more details, and make sure not to let shady criminals take apart your Echo.

Episode Runtime: 2:57

Direct YouTube Link: https://www.youtube.com/watch?v=B6IIaSjmXWI

EPISODE REFERENCES:

  • Researcher’s post on hacking the Amazon Echo – MWR InfoSecurity

Corey Nachreiner, CISSP (@SecAdept)

Share This:

Related

Filed Under: Security Bytes Tagged With: Hacking

Comments

  1. Scott says

    August 7, 2017 at 11:57 am

    Although I doubt someone would take your echo apart and do that. People could modify them and sell them on ebay to unsuspecting buyers.

    Reply
  2. Gus says

    August 11, 2017 at 2:59 pm

    US government has been known to intercept delivery of networking devices to install trojaned versions of their OSs

    I guess this could be a cheap way of listening to a targets home remotely

    Reply
    • Teri Radichel says

      August 16, 2017 at 5:43 am

      Yes, this is a consideration when using an Echo. Jeff Bezos talks about Echo security here: https://www.cnbc.com/2016/10/20/jeff-bezos-explains-why-the-echo-is-harder-to-hack-than-smartphones.html

      The echo can be turned off when not in use or a sensitive conversation is taking place. Additionally, a network administrator could set up firewall rules to ensure echo traffic is only going to Amazon potentially. I was taking a look at home IOT devices and what traffic was flowing and figured out a few Amazon IP Ranges here: http://randominternet.blogspot.com.br/2017/06/home-iot-ports-echo-apple-and.html

      Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • 3CX Supply Chain Attack
  • Here Come The Regulations

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • 3CX Supply Chain Attack
  • The NSA’s Guidance on Securing Authentication
  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use