Amazon's Alexa is one of the most popular digital assistants in the market. Besides its own branded Echo devices, the American technology company has collaborated to offer its voice assistant in smart speakers, television, phones, and other Internet-of-Things (IoT) gadgets around the world.
It can be noted that more than 200 million Alexa-based devices of the aforementioned home automation range of products are sold every year.
Now, a Check Point Security Research report has emerged claiming the several millions of such devices linked to Amazon or Alexa subdomains are vulnerable to hackers and can remotely control and even steal sensitive information.
“Smart speakers and virtual assistants are so commonplace that it’s easy to overlook just how much personal data they hold, and their role in controlling other smart devices in our homes. But hackers see them as entry points into peoples’ lives, giving them the opportunity to access data, eavesdrop on conversations or conduct other malicious actions without the owner being aware,” said Oded Vanunu, Head of Products Vulnerabilities Research at Check Point.
Vulnerabilities in Amazon Alexa-based devices could have allowed bad actors to remotely control them, install illegal skills (applications), retrieve voice data of the owner, extract personal information including financial such as banking data history, usernames, phone numbers, and home address, view the full list of skills (apps) Alexa user’s account) and silently remove an installed skill (app).
After detecting the security loopholes in the Amazon/Alexa subdomains, Check Point reported the details to Amazon and the latter has fixed the issues.
Get the latest news on new launches, gadget reviews, apps, cybersecurity, and more on personal technology only on DH Tech.