Amazon put a quick stop to an issue in Alexa’s skill set after Chexmarx researchers reported that her skill set could be expanded to listen in on users not just some of the time but all of the time.
According to a Checkmarx research paper, Alexa skills can be developed in different languages using the Alexa skill set, which integrates with the AWS-Lambda function. The personal assistant device is always listening for the user’s voice so that when recognized, Alexa is activated.
Under normal circumstances, users receive an audio indication after tasks are completed to let them know that Alexa has gone to sleep. This makes it clear that she’s no longer recording. Yet, the researchers were able to augment Alexa’s skills so that she was continually recording.
"We went through the whole process of how Alexa communicates with the user and tried to take the view of the hacker and go step by step to see how we could leverage something that might seem benign, that might not seem risky but make it a risk," Amit Ashbel, cyber security evangelist at Checkmarx, told ZDNet.
The researchers chose the seemingly benign calculator skill as the hiding spot for the malicious task. Any user who activated the app would then unknowingly install the eavesdropper skill. Once Alexa solved all of the requested math problems, she stayed on despite the user thinking the session was over.
As the microphone function was still activated, the device both listened to and transcribed whatever tidbits of information Alexa overheard. "You think the session is over, but actually it is continuing all the time, recording your words and sending your transcription to the hacker. There's no limit to the length of the session, the number of words or sentences, it just keeps on going until you turn it off," said Erez Yalon, manager of application security research at Checkmarx.
Notable from the video is the obvious flaw in the attack itself. Alexa remains lit up like a Roman candle, an indication that the device is still active.
After Checkmarx disclosed their research to Amazon, the problem was resolved so that silent cycles are no longer permissible. "It now also detects longer than usual sessions and warns users, so maybe they've mitigated future attacks," Yalon added.