Researchers from Georgetown University and the University of California, Berkeley say cybercriminals could use hidden voice commands via popular YouTube videos to infect Androids and iPhones with malware.
Micah Sherr, a computer science department professor at Georgetown, says the research was inspired by the proliferation of voice-controlled systems. "Amazon Echo was coming out when we started this work," Sherr notes.
Since then, Google has launched Google Home, a similar always-listening device, and electronic devices lost in a messy bedroom can now be recovered by speaking “Okay Google” or “Hey Siri.”
The new research shows how keeping such devices on always-listen mode could lead to a cyberattack. Sherr says a cybercriminal could attempt to plant malware on the device using a hidden voice command. more