The world’s biggest tech companies have devoted huge resources to voice assistants such as Siri or Alexa. Yet despite a user base numbering in the millions, these apps have serious flaws as researchers at Zhejiang University, China, recently showed.
They found a gaping vulnerability that can be easily exploited by hackers who only need to send ultrasound commands to the voice assistant to gain access to personal information.
This is a very sneaky exploit since a hacker can take command of your handheld device standing right next to you. You’ll never notice since the voice commands are ‘whispered’ in ultrasounds, whose frequencies are above the human audible range (20Hz to 20kHz).
Although we can’t hear this mosquito squeal, the software’s voice command software is perfectly capable of picking the ultrasound frequencies which it decodes as instructions.