How Criminals Can Hack Into Your Amazon Echo
Amazon Echo Hack: How It Works
Criminals are getting more sophisticated everyday and could hack into your new smart speakers to steal your personal data. The latest device they use to do that is the Amazon Echo.
Smart home speakers equipped with mics programmed to listen for everything you say may be turned into gadgets that could spy on everything you say. Devices such as Amazon Echo and Google Home are programmed to record your commands, but they’re also programmed to ignore everything you say unless you use a hot word to activate the assistants.
However, someone with physical access to an Amazon Echo device could hack it to send everything it hears to a remote server. Therefore, customers should remain vigilant as fraudsters could now easily hack into smart devices, with potential threats likely to include viruses and data protection issues. How is that possible?
Watch the video below to see how someone can easily hack into your Amazon Echo device:
Turning Your Amazon Echo Into a Wiretap
People think they are completely safe but there is just as much risk associated with using a smart TV as there is using with using any computer connected to the internet, especially when it comes to entering your personal data.
Some devices also come with default passwords, which you should change as soon as possible. You should also look wherever possible to limit the amount of information you are sharing from your connected devices.
How does it work?
British security researcher Mark Barnes recently detailed a method anyone can follow to install malware on an Amazon Echo, along with a code that would silently stream audio from the hacked device to his own faraway server.
The method requires gaining physical access to the targeted Echo, and it works only on devices manufactured in 2015 and 1016. There’s no software fix for older units and the attack can be done without leaving signs of hardware intrusion.
While that shouldn’t raise alarms for every Echo owner that hackers are about to hijack their smart speaker, it does raise questions about the security of the devices, which are increasingly left in hotel rooms or offices, out of their owners’ constant control, warns Barnes.
“We present a technique for rooting an Amazon Echo and then turning it into a wiretap”.
His write-up shows how he was able to install his own rogue software on the device, create a “root shell” that gives him access over the internet to the hacked Echo, and to “finally remotely snoop on its ‘always listening’ microphones.”
The Entry Point: The Rubber Base
The technique takes advantage of a security vulnerability Amazon left in its pre-2017 Echo units. Specifically, the hacker removes the rubber base of the device. Underneath there is a small grid of tiny metal pads that act as connections into its internal hardware, likely used for testing and fixing bugs in the devices before they were sold. One of those allows the Echo to read data from an SD card.
Barnes joined his own connections to two of the tiny metal pads, one wired to his laptop and another to an SD card reader. Then he used Amazon’s built-in functionality to load his own version of the Echo’s so-called “bootloader”—the deep-seated software in some devices that tells them how to boot their own operating system—from his SD card, including tweaks that turned off the operating system’s authentication measures and allowed him the advantage to install software on it.
3-D Printed Attachments Could Come Into Play
While the whole process left behind physical evidence – wires sticking out – Barnes says that with a bit more development, the pads could just as easily be accessed with a purpose-built device that uses pins to connect to them directly and more cleanly achieves the same effect but faster.
Additionally, an earlier paper by a group of researchers at the Citadel military academy in South Carolina identified the same pins, suggesting that hackers could use a 3-D-printed attachment to connect to them.
“You just peel off the little rubber base and you can access these pads straightaway,” Barnes explains. “You could make a device that would push onto the base, that you wouldn’t have to solder on, and that wouldn’t leave any obvious signs of manipulation.”
The process seems complicated for an average person, but not for hackers dedicated to their ‘craft’.
“Once we had root we examined the processes running on the device and the scripts that spawn these processes”, says Barnes.
“We were able to understand how audio media is being passed and buffered between processes and the tools that are used to create and interact with these audio buffers.”
“Using the provided ‘shmbuf_tool’ application developed by Amazon, we created a script that would continuously write the raw microphone data into a named fifo pipe which we then stream over TCP/IP to a remote service.”
“On the remote device, we receive the raw microphone audio, sample the data, and either save it as a .wav file or play it out of the speakers of the remote device.”
The Hack Could Happen In A Matter of Minutes
Barnes said the process from start to finish takes about two hours, but, with more work, he could develop a ready-made device that could be pushed onto the pads that would require only a few minutes to install.
Neither method works on 2017 models because Amazon engineers introduced a mitigation that joins two of the crucial debugging pads in a way that prevents external booting. The method also doesn’t work on the Amazon Dot.
However, Barnes said he has some ideas on ways he could root the latest models, which raises some concerns for the future.
Amazon Echo Hack: How to Avoid
Check the manufacture year by inspecting the original package. If it’s 2017 and a model number ending in 02, the device it’s not vulnerable. Echo users can also mute their devices at any time by pushing a physical button.
Many smart devices come with generic default passwords that are easy for hackers to guess. Set a strong and unique password, ideally with a mix of letters, numbers and special characters.
Update your software. Keeping software or firmware updated means that the latest security is installed on the device. Also, complete the set-up – all smart devices should be connected to a secure wi-fi network. This is because many use their own wi-fi during the set-up process which, if left unsecured, is an easy target for attackers located within range of the device.
What Is Amazon Echo
In case you didn’t know Amazon Echo is a brand of smart speakers developed by Amazon.com. According to Wikipedia’s description, “the devices connect to the voice-controlled intelligent personal assistant service Alexa, which responds to the name “Alexa”. This “wake word” can be changed by the user to “Amazon”, “Echo” or “Computer”. The device is capable of voice interaction, music playback, making to-do lists, setting alarms, streaming podcasts, playing audiobooks, and providing weather, traffic and other real-time information.”
“The first-generation Echo was initially limited to Amazon Prime members or by invitation, but became widely available in the United States on June 23, 2015. Press speculated that it would make its Canadian debut in mid-to-late 2016, after Amazon posted job listings for developers for Alexa and co-hosted a hackathon in Toronto.”
“The Echo became available in the United Kingdom on 28 September 2016. Additionally, the Alexa voice service is available to be added to other devices and other companies’ devices and services are encouraged to connect to it.”