You can send malicious commands to Siri and Alexa using UltraSonic Frequencies

The comparatively simple method is called DolphinAttack. Researchers first turned human voice commands into ultrasonic frequencies over 20,000 Hz. They then just played them back from a regular smartphone provided with an amplifier, ultrasonic transducer and battery smaller than $3 worth of parts.

What performs the attack scary is the evidence that it works on just about anything: Siri, Google Assistant, Samsung S Voice and Alexa, on gadgets like smartphones, iPads, MacBooks, Amazon Echo and also an Audi Q3 16 tech products and seven system in total. What’s worse, “the muffled voice commands can be accurately interpreted by the SR speech recognition operations on all the tested hardware.” Suffice to say, it runs even if the attacker has no device way and the owner has taken the basic security precautions.

The group successfully tested instructions like “Call 123-456-7890,” “open Dolphinattack.com” and “Open the rear door,” leaving owners exposed to data, or worse, real life attacks. It was even able to modify the navigation on an Audi Q3.

There’s one bit of good news: At this time, the device has a range of five or six feet, so it’s of short use unless researchers can improve the power. You’d also have to have your assistant activated, in the case of Siri or Google Assistant, and if a high ultrasonic commanded activated, those arrangements would make a tone or reply back, alerting the user.

So, for a hack to work, you’d have your assistant unlocked and not really be paying thought, a fairly unlikely scenario. However, if you’re in a public place with your phone unlocked, a nearby attacker could probably gain access.

Device producers could stop this simply by programming it to ignore commands at 20 kHz or other wavelengths that humans can’t possibly speak in. However, the team found that every major AI assistant-enabled Tech Piece currently accepts such commands without dropping a beat. As to why the microphones even work at such frequencies (up to 42,000 Hz), cleaning them out might lower a system’s “inclusion score,” an industrial designer told Fast Co. Some devices, like the Chromecast, also use it for high ultrasonic device pairing.

Take your time to comment on this article.

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil