Security Vulnerabilities of Amazon Echo and Other Virtual Assistants

A few security loopholes recently discovered in popular virtual assistants speak volumes about their potential risks, so manufacturers must prepare for such attacks on their devices.

David Balaban -
Illustration: © IoT For All

Virtual assistants occupy a very special niche in the global IoT ecosystem. They make the concepts of artificial intelligence and machine learning migrate from the realm of cutting-edge tech toward something close at hand and affordable. The speech recognition and synthesis features built into these devices emulate the feel of real-world communication, thereby bridging the emotional gap between the user and the soulless machine.

Furthermore, many of them can become a pivotal part of home automation due to their ability to control other connected devices such as smart locks, lights, thermostats, TVs and more. The list of benefits goes on and on, so it comes as no surprise that Amazon Echo, Google Home and other awesome voice assistants have already made millions of homes more “intelligent” and keep creating ripples in the market.

Mass production of these smart appliances has considerably lowered the price tag, but there is a flip side to mainstream adoption. Manufacturers might prioritize business goals over security in an attempt to outperform their competitors. This can be a slippery slope. A few security loopholes recently discovered in popular virtual assistants speak volumes about the potential risks.

Amazon Echo and Kindle Devices Exposed to a Wi-Fi Protocol Flaw

Ever heard of KRACK? No, it’s not an awkward misspelling. It’s a term coined by two Belgian researchers in 2017, denoting a series of weaknesses in the WPA2 protocol dubbed the “Key Reinstallation Attack.” The issue revolves around an imperfection in the four-way handshake, a technique used to exchange authentication data and encrypt the traffic in modern wireless networks.

In October 2019, analysts from the ESET Smart Home Research Team discovered that a plethora of Internet-enabled gadgets, including virtual assistants, continue to be susceptible to this bug, even though it’s been two years since the experts originally spread the word about their findings. Moreover, it turns out that this issue isn’t restricted to low-end products from lesser-known brands. According to ESET, millions of Amazon Echo 1st generation smart speakers and Amazon Kindle 8th generation e-readers are at risk as well.

To be precise, the above-mentioned devices by Amazon are exposed to two KRACK vulnerabilities cataloged as CVE-2017-13077 and CVE-2017-13078. The former allows an attacker to reinstall the pairwise encryption key in the course of the four-way handshake, and the latter makes it possible to alter the group temporal key along the way. In plain words, this type of unauthorized access can give a cyber intruder the green light to do the following:

  • Decrypt all information submitted by the user
  • Perform a DoS attack by replaying old data packets
  • Wreak havoc with network communication
  • Forge data packets
  • Steal the victim’s credentials

It’s worth mentioning that an attacker needs to be within radio range to take advantage of these flaws, and yet such a crude implementation of Wi-Fi security definitely shouldn’t be the case with devices as popular as Echo and Kindle. Thankfully, Amazon rolled out a patch for these flaws in early 2019 in response to the researchers’ report. It came with a new release of wpa_supplicant, an app tasked with proper authentication to a wireless network. Although the fix should have already arrived in the unprotected smart speakers, it’s a good idea for users to check their current firmware version and check that it’s up to date. As an additional protection step, it’s good to connect all your IoT devices via a VPN router.

Yandex Station’s Sound Activation Leaking Wi-Fi Passwords

Yandex, Russia’s major technology company, stepped into the voice assistant industry by introducing its own smart speaker called Yandex Station in late May 2018. The device goes with a Russian-speaking virtual assistant, Alice, onboard and boasts a decent set of voice-based features. Among other things, it can play requested music via the vendor’s proprietary multimedia service, order pizza, run web searches, provide weather information and cast videos to TV. This seems like a commendable initiative overall, but with the caveat that the initial device setup may expose the user’s Wi-Fi credentials to an attacker.

The process of the first-time activation relies on an audio token generated by the Yandex smartphone application. It should be played in close proximity to the speaker. This R2D2-style earcon conveys the authentication details for the wireless network and the provider’s services. Technically, it’s a portion of the user’s sensitive data converted to sound according to a predefined algorithm. Yandex Station instantly decodes it and configures itself to become a part of the wireless home network.

A security enthusiast named Sergey Krupnik, who goes by the alias Krupnikas, analyzed this activation process and found a way to extract secret credentials from the “magical” audio message. He tried a number of different passwords and scrutinized the deviations in the frequencies and other parameters of the resulting sounds. This allowed the researcher to identify the specific place in the signal that holds data about the Wi-Fi network’s SSID and password. He also determined a method to retrieve these details in hexadecimal format and easily convert them back to plaintext.

Obviously, the likelihood of privacy violation is minimal in this case because the attacker has to be nearby and record the message. One way or another, the analyst let the manufacturer know about his findings in May 2019 but hasn’t received a response ever since. It appears that the wow effect is more important to the vendor than the security of the smart speaker setup process.

Dodgy Apps on Alexa and Google Home Can Snoop on Users

In theory, voice apps for Amazon Alexa (so-called “skills”) and Google Home (referred to as “actions”) can take the user experience to a whole new level. In practice, they may be a mixed blessing due to eavesdropping behind one’s back.

Analysts from SRLabs, a German hacking research firm, recently made a newsmaking discovery. They found that a few extra characters surreptitiously added to a voice app’s code can turn it into a cyber spy. A booby-trapped “skill” or “action” can listen to the unsuspecting user’s conversations while pretending to be inactive. The app may also execute an attacker’s command to request the victim’s passwords under the guise of authorizing an important security update.

To demonstrate this exploitation vector, the researchers created a few benign voice applications that passed the initial security review procedures of Amazon and Google. Then, they modified the code of these apps to make them spy on users.

For instance, one of the tweaks in the experimental Alexa “skill” was an unpronounceable character string “�. ” (U+D801, dot, space) concatenated to a speech prompt. This way, the application can continue its session while remaining silent as if it were disabled. By inserting the above string multiple times, the developer can prolong this misleading silence. Meanwhile, the app is listening to the victim and sending the recorded conversations to its author’s server.

Things were similarly disconcerting with the test “action” for Google Home. SRLabs analysts faked the app’s inactivity by appending its code with a specific Speech Synthesis Markup Language (SSML) element or a series of Unicode characters that cannot be pronounced. With these changes in place, the speaker generates a “Bye” message to make the user think that the application has been turned off while its session actually continues in silent mode.

The researchers also demonstrated a password phishing attack, where a malicious voice app tries to hoodwink the user into disclosing his or her credentials. The bait is a phony security update allegedly available for the device. The application instructs the victim to say, “Start update” and then pronounce their password, which goes to the attacker.


It might appear that attack scenarios with the above-mentioned security flaws at their core are mostly theoretical at this point. The first two vulnerabilities can only be exploited if a malefactor is nearby, and the third hack is a proof of concept. However, none of these restrictions is an obstacle for a well-motivated attacker. Different attack scenarios were described several years ago.

What about the countermeasures? First and foremost, vendors need to release security updates of their devices’ firmware on a regular basis. This is what Amazon did to address the KRACK bug highlighted above, and it worked. Also, voice apps should be subject to mandatory review every time the developers change their code. And lastly, brands should maintain a reasonable balance between the coolness of their virtual assistants’ features and the security of these devices.

David Balaban, Privacy PC

Guest Writer
Guest Writer
Guest writers are IoT experts and enthusiasts interested in sharing their insights with the IoT industry through IoT For All.
Guest writers are IoT experts and enthusiasts interested in sharing their insights with the IoT industry through IoT For All.