Researchers at Germany’s SRLabs found two hacking scenarios — eavesdropping and phishing — for both Amazon Alexa
and Google Home/Nest devices. They created eight voice apps (Skills for
Alexa and Actions for Google Home) to demonstrate the hacks that turns
these smart speakers into smart spies. The malicious voice apps created
by SRLabs easily passed through Amazon and Google’s individual screening
processes...
For eavesdropping, the researchers used the same horoscope app for
Amazon’s smart speaker. The app tricks the user into believing that it
has been stopped while it silently listens in the background. more