Some researchers from Zhejiang University, China have published a new study that claims that hackers could easily take control of voice assistants using “inaudible ultrasound commands.” Potential criminals could gain access to a user’s device (smartphones, tablets, laptops) by using ultrasound on platforms like Siri, Alexa or Google Assistant, a report by The Verge reads.
A research conducted by Zhejiang University
A report by Fast Company states that utilizing ultrasound as a discreet form of digital communication is common. Advertisers take full advantage of it all the time.
They integrate inaudible (ultrasonic) code in the TV commercials that they broadcast. They influence the consumers’ minds through this method. But researchers from Zhejiang University feel that the same method can also be used by hackers to take over one’s smart device. The method that involves the use of ultrasonic sounds to influence something is called, “Dolphin Attack.”
According to a report by The Daily Mail, this method can easily be used by hackers to download a virus into a system. If they are able to gain access to one’s device, then they can very well send fake messages and swipe off personal information from the user’s accounts. Dolphin Attack is only completely operational if there is a certain type of vulnerability in systems.
The primary characteristic that is put to use under Dolphin Attack, is the device’s microphone. Since they are low-frequency audio commands, a human can’t possibly hear it.
These are the most suited devices for Dolphin Attack
The Daily Mail report further goes on to state that those systems that have the “Always On” feature inbuilt are more susceptible to Dolphin Attacks.
The new study discovered that up to 16 different types of devices can be attacked using this method. This list includes: Audi Q3, iPhone 4s to iPhone 7 Plus models, Amazon Echo, Apple Watch and iPad Mini 4, Lenovo ThinkPad T440 laptop, Samsung Galaxy S6 Edge, Apple MacBook laptop, ASUS Nexus 7, Honor 7 smartphone and the list continues.
The team from Zhejiang University even carried out a live experiment on Samsung’s Galaxy S6 Edge. They made use of an audio frequency of around 20kHz to launch an attack on the smartphone’s system. They attempted at carrying the attack out from a range of 1.7 meters and were successful at it. This technique is extremely dangerous and gives unimaginable power to hackers without being detected.
