Associate Professor Guinevera Chen from the American University of UTSA and a team of researchers have revealed a new attack on voice assistants, such as Apple Siri, Google Assistant, Amazon Alexa or Microsoft Cortana. The findings were presented at the recent USENIX Security 2023 security symposium.
Their research involves a newly developed “parotor-free triang” or “Near-Ultrasound Inaudible Trojan” (NUIT) to demonstrate how hackers can exploit ordinary smart homes to gain entry into owner’s personal data. They have been able to attack various devices, including smartphones, internet of things (IoT) devices, smart home systems, smart wearables, medical devices, vehicles and remote monitoring devices.
The use of NUIT has exposed a vulnerability that could lead to widespread data breaches and other forms of cybersecurity attacks for voice assistant users.
The research has significant implications for the increasing number of users worldwide who rely on the voice assistant technology without being aware of the security risk. The study emphasizes the importance of smart device manufacturers to undertake robust security measures to ensure that users’ personal data remain secure.
Voice assistant users should be aware of the security issues and ensure that they take adequate measures, such as setting strong passwords and not sharing personal information with unauthorized parties, to protect their personal data.