Alexa, the connected Amazon speaker. Drawing. - Jessie Wardarski / AP / SIPA
Cybersecurity specialists at Check Point recently managed to hack the Alexa artificial intelligence system after detecting a security breach. Researchers warned Amazon, which took steps to end the vulnerability, reports Numerama .
Check Point experts exploited weaknesses in some sites in the amazon.com domain. They could then modify the programming from outside using HTML instructions. Once the changes were made, the researchers used phishing campaigns to trick users into the affected pages, thereby stealing customer credentials.
Hijacked Alexa functionalities
The "hackers" could then have access to these accounts and to all the features offered, modifying them at will. For example, specialists have set up a program that activates the camera when the customer asks for the weather forecast. Dozens of similar operations were possible thanks to the flaw.
Incidentally, the "good" hackers had access to the personal information of Amazon customers and their history of using Alexa. This is data that malicious hackers could have resold or used to remotely manipulate the approximately 200 million connected devices and objects operating with the virtual assistant.
Android: This fake WeTransfer app that is useless to serve ads
Android: Huge security breach affects 40% of smartphones worldwide
- High Tech
- Artificial intelligence
- Amazon Alexa