There is no day where you don’t see information about the lack of security and the vulnerabilities of the voice assistants. The last one comes from the german investigation group of cybersecurity Security Research Labs that clearly points the devices of Google and Amazon. This asociation says that the develpment of third parties apps for these devices can also allow the cyberdelinquents to spy or attack with phising to the users.
As explained in Security Research Labs, the intelligent speakers of both companies are being demanded more and more and, of course, external developers, also create specific apps for these devices, which gives every time a higher number of functionalities. When this functionalities raise, it also raises the posibilities of more vulnerabilities. And this is what the german investigators found. These vulnerabilities of Amazon and Google can make a cyberdelinquent to impersonate the identity of an user, which would allow the data obtention and private personal information, and also to spy the users.
According to Security Research Lab, a developer could create a phising app for the voice assistants of Google and Amazon.
Through the developing interfaces, the investigators of the german company achieved to compromise the privacy of the user’s data by gathering and asking for personal data, including the users’ passwords. Besides, they could hear what the users were saying though they thought that the speakers had stopped hearing.
The risk of phising.
Nearly all the news that have been written about intelligent speakers had relation with the spy thread. But now the cyber delinquent can go further because, according to Security Research Labs, a developer could create a phising app and like this, and the same as the email, the speaker can inform incorrectly the user that it is necessary to say their access key, for example, a fake system update.