Scientists working for European authorities have discovered a new method to quickly and remotely control a virtual assistant on the users’ smart phones, like Google Now or Siri, according to the reviews published in tech media. The method is innovative but restricted at the same time, operating only across short ranges and requiring the victim to have its microphone-enabled headphones connected to their phone. The hackers uses the fact that an earphone cable can also act as a make shift antenna, with continuous attacks that deliver electro-magnetic pulses to the cable and that are then turned into audio feedback. The targeted device translates these signals as regular speech instructions, enabling hackers to perform regular tasks that all normal users can do on their phones.
Without saying a single word, a skilled hacker can use a cyber strike by telling Google Now or Siri to call people and deliver text information, make a switch with the hacker’s device to turn your phone into a portable eavesdropping gadget. Less dangerous attacks include sending the smart phone’s web browser to various malware sites or deliver junk and phishing data via your personal e-mail address or your Twitter and Facebook private accounts.
The probability of generating parasitic alerts on the audio interface of devices with voice-command capabilities could increase crucial protection effects, the scientists have written in their report after they found this risk. Their research was performed on part of European governmental authorities that manage computer protection, and was already released in the journals specialized in the tech field. They provided a short example of online hackers using this strategy in a populated bar or mall: sending out a number of electro-magnetic signals could make many mobile phones to automatically contact various paid numbers and generate a significant amount of cash for them.
By changing the direction of these signals and triggering the electrical pattern of a certain key on your phone, the radio impulses can activate Siri from under its lock screen without any command from the client. It is not required to have your always-on vocal interface and it does not create the smart phone less secure, it just makes a cyber strike less complex.
Luckily, there are still many restrictions for all potential hackers. To begin with, as well as necessitating a set of headphones with microphone to be connected into the phone, the device must have its vocal instructions enabled on the screen. This is a standard feature for an iPhone, but it is not enabled on many gadgets working on Android, and it can be quickly disabled on these operating systems, while customers might just observe that their device is doing something unusual. There is also the issue of close range action.
By using devices tiny enough to fit into their pocket, the IT experts gave been able to hack several mobile devices over a range of just 6 feet. If the components were enlarged to fit into a vehicle, this distance would still be under approximately 20 feet. Nevertheless, it is an innovative technique and it shows some hidden protection problems with the integration of a virtual assistant, but the reality is there are not so many online risks that you can avoid so easily.
image source: WMpoweruser