At Defcon, Tencent's Wu HuiYu and Qian Wenxiang presented Breaking Smart Speakers: We are Listening to You, detailing their work in successfully exploiting an Amazon Alexa speaker, albeit in a very difficult-to-achieve fashion.
For the exploit, the researchers first modified an Alexa speaker they controlled, swapping out some of its soldered-on components to allow them to compromise it. This became the device they used to attack other, unmodified Alexas: by joining their doctored Alexa to the same LAN as an unmodified second-generation Alexa device, they could use the built in "Whole Home Audio" system to turn their speaker into a listening bug that relayed all the audio from the target Alexa speakers, without those target devices giving any indication that they were transmitting.
The researchers disclosed their attack to Amazon prior to their presentation, and Amazon has already pushed a patch that addresses it to current Alexa owners.
This attack is a very difficult-to-replicate feat, but it represents an early step in exploiting the Alexas, with more likely to come. It has serious implications for environments with lots of shared Alexa devices, such as the plan to put Alexa devices in hotels — a hacker using this technique could potentially spy on all the guests in the hotel.
The researchers also hinted at potential "evil maid" attacks on Alexa (in which someone with a short period of physical access to a device implants malware on it), noting that it only took minutes for them to change the firmware on an Alexa speaker.
The presentation is also suggestive of the kinds of attacks that state actors ("advanced persistent threats") might bring to bear on their targets.
The researchers' attack, though already patched, demonstrates how hackers can tie together a devious collection of tricks to create an intricate multistep penetration technique that works against even a relatively secure gadget like the Echo. They start by taking apart an Echo of their own, removing its flash chip, writing their own firmware to it, and re-soldering the chip back to the Echo's motherboard. That altered Echo will serve as a tool for attacking other Echoes: Using a series of web vulnerabilities in the Alexa interface on Amazon.com that included cross-site scripting, URL redirection, and HTTPS downgrade attacks—all since fixed by Amazon—they say that they could link their hacked Echo with a target user's Amazon account.
If they can then get that doctored Echo onto the same Wi-Fi network as a target device, the hackers can take advantage of a software component of Amazon's speakers, known as Whole Home Audio Daemon, that the devices use to communicate with other Echoes in the same network. That daemon contained a vulnerability that the hackers found they could exploit via their hacked Echo to gain full control over the target speaker, including the ability to make the Echo play any sound they chose, or more worryingly, silently record and transmit audio to a faraway spy.
Hackers Turned an Amazon Echo Into a Spy Bug [Andy Greenberg/Wired]