The Limited Times

Now you can see non-English news...

Amazon fixes an important vulnerability in its voice assistant Alexa

2020-08-13T11:28:10.846Z


The flaw, which would not have been exploited, allowed unauthorized access to users' personal information, according to cybersecurity company Check Point.


US giant Amazon has fixed a significant vulnerability in its flagship voice assistant Alexa allowing unauthorized access to users' personal information, a cybersecurity company said Thursday. " We are not aware of any case of use of this vulnerability against our customers or of exposure of information about customers, " an Amazon spokesperson told AFP, who said he had corrected the problem soon after it is reported. Same indication from Oded Vanunu, Head of Product Vulnerability Research at Check Point. "Alexa has been on our minds for some time now, given its ubiquity and connection to other IoT devices. It is these digital mega-platforms that can do us the most harm, ”he warned.

Read also: Alexa users tapped: a worrying legal vagueness

In a statement, the researchers at Check Point Research claim to have " identified vulnerabilities in certain Amazon / Alexa subdomains that could allow a hacker to remove / install skills on the targeted victim's Alexa account, access their history of voice exchanges and personal data ”(history of bank data, telephone numbers and home address).

An Alexa " skill " is a voice application added to the original functionality of the assistant. They have access to users' personal data and allow interaction with other connected objects (lights, doors, shutters, etc.).

One click

According to the researchers, " the attack required only a single click from the user on a malicious link created by the hacker " but originating from Amazon's systems to function. Hackers could then take advantage of voice interaction with one of the skills installed to access information.

Smart speakers and virtual assistants are so common that it's easy to overlook the amount of personal data they hold and their role in controlling other smart devices in our homes. Hackers see them as entry points into people's lives, to access data, listen to conversations or perform other malicious actions without the knowledge of their owner, ”Oded Vanunu continued in the statement.

To read also: The Alexa speaker, "witness" of a murder in the United States?

According to eMarketer, 74.2 million Americans were equipped with a voice assistant in 2019, or 26% of Internet users. Alexa, which notably equips Amazon's Echo speakers, remains dominant in this market with 72.9% of users according to the same source, followed by Google Assistant with 31.7% (some people are equipped with several assistants at the same time) , but faces more competition outside the United States.

Source: lefigaro

All news articles on 2020-08-13

You may like

News/Politics 2024-03-13T11:33:21.770Z
Life/Entertain 2024-03-19T07:19:44.696Z

Trends 24h

News/Politics 2024-03-28T06:04:53.137Z

Latest

© Communities 2019 - Privacy

The information on this site is from external sources that are not under our control.
The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.