Amazon And Google Allowed Malicious Apps To Eavesdrop On Recordings

Anil - Oct 22, 2019


Amazon And Google Allowed Malicious Apps To Eavesdrop On Recordings

Needless to say, we should be more aware of such potential threats to self-defense our privacy fortress.

Smart speakers now have to face a lot of criticism when they’re becoming a hot topic for those who are worried about their privacy (of course, most of us are included). Whatever kinds of ways they do, either listening in on users’ recordings or giving auditors the ability to access location data, they draw a slew of both worries and angriness from us. Ironically, a team of security experts has just revealed that Google Home and Amazon Alexa did approve risky apps to be installed, meaning that they could easily turn into cyber thieves.

Https Specials Images Forbesimg Com Dam Imageserve
Smart speakers likely made chaos.

Known as Skills and Actions for respectively Amazon Alexa and Google Home, a firm called Security Researcher Labs reportedly stood behind them. According to Ars Technica, they were able to exploit security vulnerabilities to hack users’ devices. SRL also wrote a bunch of apps for other platforms, which weren't as what it appeared to be. For example, a horoscope app promoted with legitimate skills actually kept malicious code behind the closed door.

Google 4474295 1280
Those malicious apps were accepted by moderation teams.

The apps were used to phish users to harvest their personal data such as passwords, alongside eavesdropping on them even when the speaker seemed to listen to nothing else. Those malicious apps were accepted by moderation teams until the researchers disclosed such issues to both Google and Amazon. As per researchers from SLR, both Google and Amazon need to deploy a better protecting solution to prevent such attacks. Of course, this should be first done during the review process.

Meanwhile, both tech giants apparently never stop lifting up their app-reviewing processes, but there are still so many malicious apps that are prevailing and polluting Google’s Play Store. Needless to say, we should be more aware of such potential threats to self-defense our privacy fortress.

Comments

Sort by Newest | Popular

Next Story