Vulnerabilities in older editions of the Amazon Echo can let hackers transform the digital assistant into a covert listening device, researchers have claimed. As a result, the exploit, which can be done without affecting the device's functionality, could place a wiretap in your living room.
Research published on Tuesday 1 August by MWR InfoSecurity detailed how its experts found the Amazon Echo to be susceptible to a physical attack, allowing a hacker to gain control over the device and install malware, listen in on conversations and steal private data.
By removing a rubber base at the bottom of the Amazon Echo, the research team could access the 18 debug pads and directly boot into the firmware of the device, via an external SD card, installing malware without leaving any physical evidence of tampering.
The researchers said they were able to gain "remote root shell access" that enabled them to access the 'always listening' microphones on the machines.
You can see the full analysis report here.
The vulnerability has been confirmed to affect older versions of the Echo released in 2015 and 2016. Luckily for users who recently purchased the device, the 2017 edition of the Echo is not at risk.
The smaller Amazon Dot model also does not carry the vulnerability.
"The rooting of the Amazon Echo device in itself was trivial; however, it raises a number of important questions for manufacturers of internet enabled or 'smart home' devices," said Mark Barnes, security consultant at MWR InfoSecurity, in a statement.
"The biggest limitation of this vulnerability is the need for physical access to the device itself," he continued. "But it shouldn't be taken for granted that consumers won't expose the devices to uncontrolled environments that places their security and privacy at risk."
The security firm said there are a number of methods to reduce the harm from such a hack, including taking advantage of the built-in mute button, constantly monitoring home networks for any sign of unusual activity and ensuring devices are only purchased from trusted sources.
An Amazon spokesperson said: "Customer trust is very important to us. To help ensure the latest safeguards are in place, as a general rule, we recommend customers purchase Amazon devices from Amazon or a trusted retailer and that they keep their software up-to-date."
In some ways it's not a surprise the devices were hacked, especially via physical tampering. With enough time, white hat hackers will able to crack most devices on the market. It does, however, reinforce the fact that web-connected devices need to have a strong focus on security.
"What this research highlights is the need for manufacturers to think about both the physical and digital security risks that the devices may be subjected too and mitigate them at the design and development stage," MWR InfoSecurity's Barnes continued.
"Whilst Amazon has done a considerable amount to minimise the potential attack surface, these two hardware design choices – unprotected debug pads and hardware configuration setting that allows the device to boot via an external SD card – could expose consumers to an unnecessary risk."