Some models of Sonos and Bose speakers have a vulnerability that allows attackers to use these devices to play strange sounds or send Alexa commands, thereby affecting smart home technology such as door locks, air conditioning, and lighting controlled through these voice assistant speakers.
Attackers find vulnerable devices by scanning the Internet. Once a vulnerable speaker is found, attackers can instruct it through the API to play any audio file hosted at a particular URL.
“The impacted models allow any device on the same network to access the APIs they use to interface with apps like Spotify or Pandora without any sort of authentication,” reads the post published by Wired. “Tapping into that API, the researchers could simply ask the speakers to play an audio file hosted at any URL they chose, and the speakers would obey.”
Trend Micro security experts have found that 2,500 to 5,000 Sonos devices and 400 to 500 Bose devices are at risk of audio hijacking. Even more surprising is that attacks can be launched through the voice assistant devices that control smart home technology such as locks, air conditioners and lighting equipment. In 2018, Internet of Things security issues caused by security problems in smart home and other connected devices will become increasingly frequent. On the matter, Trend Micro said:
“Whereas previous studies focused on seizing control of speakers like the Amazon Echo and Google Home, the results of our case study led to unique findings. These include security gaps that resulted from a simple open port that gave anyone on the internet access to the device and user information,” reads the post published by Trend Micro. “The first glaring finding was access to email addresses that are linked to music streaming services synced with the device. Another was access to a list of devices as well as shared folders that were on the same network as the test device.”
Researchers tested devices running older versions of Sonos software and found that these devices leak details such as the IP addresses and device IDs of devices accessing the speaker. Trend Micro noted that the attack it describes has already been put into practice. Earlier this year, a Sonos user said his speaker started playing strange sounds. Trend Micro reported its findings to Sonos, and Sonos quickly fixed issues such as denial of service vulnerabilities; Bose has not yet responded.
Reference: securityaffairs