Announcement

Collapse
No announcement yet.

Turn a smart speaker into a password stealing device

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Turn a smart speaker into a password stealing device

    It's dismayingly easy to make an app that turns a smart speaker into a password stealing listening device and sneak it past the manufacturer's security checks O_o

    German security researchers from Security Research Lab created a suite of apps for Google and Amazon smart speakers that did trivial things for their users, appeared to finish and go dormant, but which actually stayed in listening mode, then phished the user for passwords spoken aloud to exfiltrate to a malicious actor; all their apps were successfully smuggled past the companies app store security checks.





    https://boingboing.net/2019/10/20/verify-me.html

    https://arstechnica.com/information-...ish-passwords/
    The Hackmaster
Working...
X