
New Ultrasound Attack Can Secretly Hijack Phones and Smart Speakers - Slashdot

source link: https://it.slashdot.org/story/23/04/06/2221257/new-ultrasound-attack-can-secretly-hijack-phones-and-smart-speakers

Academics in the US have developed an attack dubbed NUIT, for Near-Ultrasound Inaudible Trojan, that exploits vulnerabilities in smart device microphones and voice assistants to silently and remotely access smart phones and home devices. The Register reports:

The research team -- Guenevere Chen, an associate professor at the University of Texas at San Antonio, her doctoral student Qi Xia, and Shouhuai Xu, a professor at the University of Colorado Colorado Springs -- found Apple's Siri, Google's Assistant, Microsoft's Cortana, and Amazon's Alexa are all vulnerable to NUIT attacks, albeit to different degrees. In an interview with The Register this month, Chen and Xia demonstrated two separate NUIT attacks: NUIT-1, which emits sounds to exploit a victim's smart speaker to attack the same victim's microphone and voice assistant on the same device, and NUIT-2, which exploits a victim's speaker to attack the same victim's microphone and voice assistant on a different device. Ideally, for the attacker, these sounds should be inaudible to humans.

The attacks work by modulating voice commands into near-ultrasound inaudible signals so that humans can't hear them but the voice assistant will still respond to them. These signals are then embedded into a carrier, such as an app or YouTube video. When a vulnerable device picks up the carrier, it ends up obeying the hidden embedded commands. Attackers can use social engineering to trick the victim into playing the sound clip, Xia explained. "And once the victim plays this clip, voluntarily or involuntarily, the attacker can manipulate your Siri to do something, for example, open your door."

For NUIT-1 attacks, using Siri, the answer is yes. The boffins found they could control an iPhone's volume so that a silent instruction to Siri generates an inaudible response. The other three voice assistants -- Google's, Cortana, and Alexa -- are still susceptible to the attacks, but for NUIT-1, the technique can't silence devices' response so the victim may notice shenanigans are afoot. It's also worth noting that the length of malicious commands must be below 77 milliseconds -- that's the average reaction time for the four voice assistants across multiple devices.

In a NUIT-2 attack, the attacker exploits the speaker on one device to attack the microphone and associated voice assistant of a second device. These attacks aren't limited by the 77-millisecond window and thus give the attacker a broader range of possible action commands. An attacker could use this scenario during a Zoom meeting, for example: if an attendee unmutes themself, and their phone is placed next to their computer, an attacker could use an embedded attack signal to attack that attendee's phone. The researchers will publish their research and demonstrate the NUIT attacks at the USENIX Security Symposium in August.
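A defensive check for the kind of carrier described above, as an added example that is not from the article or the researchers: it measures what share of each audio frame's energy sits in a near-ultrasound band and flags frames above a threshold, which a defender could run over a clip before it is played near a voice assistant. The 16-20 kHz band, the threshold, the frame size and the constructed test clip are all assumptions; the article gives no frequencies.

```python
import math

# Assumed near-ultrasound band; the article itself gives no frequencies.
BAND_HZ = (16_000, 20_000)

def goertzel_power(frame, k):
    """Squared DFT magnitude of `frame` at integer bin k (Goertzel recurrence)."""
    coeff = 2.0 * math.cos(2.0 * math.pi * k / len(frame))
    s1 = s2 = 0.0
    for x in frame:
        s1, s2 = x + coeff * s1 - s2, s1
    return s1 * s1 + s2 * s2 - coeff * s1 * s2

def band_fraction(frame, rate, band=BAND_HZ):
    """Share of a frame's energy inside `band`, via Parseval's theorem."""
    n = len(frame)
    # Hann window limits leakage from audible speech into the high bins.
    win = [x * (0.5 - 0.5 * math.cos(2.0 * math.pi * i / n))
           for i, x in enumerate(frame)]
    total = sum(x * x for x in win)
    if total == 0.0:
        return 0.0
    lo = math.ceil(band[0] * n / rate)
    hi = min(math.floor(band[1] * n / rate), (n - 1) // 2)
    in_band = sum(goertzel_power(win, k) for k in range(lo, hi + 1))
    # Real input: each positive-frequency bin has a mirror image, hence the 2.
    return min(1.0, 2.0 * in_band / (n * total))

def flag_frames(samples, rate, frame_len=480, threshold=0.2):
    """Indices of frames whose near-ultrasound share exceeds `threshold`."""
    starts = range(0, len(samples) - frame_len + 1, frame_len)
    return [i for i, s in enumerate(starts)
            if band_fraction(samples[s:s + frame_len], rate) > threshold]

def constructed_clip(rate=48_000, frame_len=480):
    """Constructed clip: 1 kHz tone throughout, 18 kHz tone added in frames 2-3."""
    clip = []
    for n in range(4 * frame_len):
        x = 0.5 * math.sin(2.0 * math.pi * 1_000 * n / rate)
        if n >= 2 * frame_len:
            x += 0.5 * math.sin(2.0 * math.pi * 18_000 * n / rate)
        clip.append(x)
    return clip

if __name__ == "__main__":
    print(flag_frames(constructed_clip(), 48_000))  # [2, 3]
```

The audio must be sampled at 40 kHz or more for the assumed band to be observable at all; at lower rates the function reports a share of zero.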
