

At Defcon, Tencent's Wu HuiYu and Qian Wenxiang presented Breaking Smart Speakers: We are Listening to You, detailing their work in successfully exploiting an Amazon Alexa speaker, albeit in a very difficult-to-achieve fashion.



For the exploit, the researchers first modified an Alexa speaker they controlled, swapping out some of its soldered-on components to allow them to compromise it. This became the device they used to attack other, unmodified Alexas: by joining their doctored Alexa to the same LAN as an unmodified second-generation Alexa device, they could use the built in "Whole Home Audio" system to turn their speaker into a listening bug that relayed all the audio from the target Alexa speakers, without those target devices giving any indication that they were transmitting.

The researchers disclosed their attack to Amazon prior to their presentation, and Amazon has already pushed a patch that addresses it to current Alexa owners.

This attack is a very difficult-to-replicate feat, but it represents an early step in exploiting the Alexas, with more likely to come. It has serious implications for environments with lots of shared Alexa devices, such as the plan to put Alexa devices in hotels — a hacker using this technique could potentially spy on all the guests in the hotel.

The researchers also hinted at potential "evil maid" attacks on Alexa (in which someone with a short period of physical access to a device implants malware on it), noting that it only took minutes for them to change the firmware on an Alexa speaker.

The presentation is also suggestive of the kinds of attacks that state actors ("advanced persistent threats") might bring to bear on their targets.