A British security researcher has demonstrated how the Amazon Echo, a Wi-Fi-connected smart speaker, can be turned into a surveillance tool without the owner’s knowledge.
Wired reports on its website that the device can be hacked in just a few minutes without leaving any evidence. A hacker would need physical access to the Echo, and the technique works only on devices that were sold before 2017. However, the researcher, Mark Barnes, says there is no software fix for the modification and homeowners would have no way of knowing the device had been altered.
The Echo is part of the “internet of things,” devices that allow their owners to access the internet, turn up the heat, lock and unlock windows and doors, and interact digitally with the world around them. With the added convenience come added privacy risks.
In this case, Wired says, Barnes explained his technique and offered “proof of concept” code that would permit the Echo to stream an audio signal to a server elsewhere, essentially turning the Echo into an always-on wiretap.
“The Amazon Echo is vulnerable to a physical attack that allows an attacker to gain a root shell on the underlying Linux operating system and install malware without leaving physical evidence of tampering,” Barnes writes. “Such malware could grant an attacker persistent remote access to the device, steal customer authentication tokens, and the ability to stream live microphone audio to remote services without altering the functionality of the device.”
Barnes’s technical paper details how the hacker would gain access to tiny pads on the underside of the Echo by removing its rubber base. Barnes soldered in connections to an SD card and his laptop, allowing him to bypass the system’s authentication measures and install his own software. With a little more development, Barnes says, it would be possible to make the connections in just a few minutes.
The software modifications allow Barnes to take over the Echo’s microphones and stream audio to any remote computer he selects. The changes also would allow a hacker to gain access to other parts of the owner’s network, including the owner’s Amazon account, and install ransomware, Wired said.
Amazon has fixed the flaw in the most recent versions of Echo. Barnes, however, warned that people should be wary of the security risks of Echos that are installed in public and semi-public spaces — such as hotel rooms.