Created an app that changed functionality without requiring
Posted: Tue Feb 11, 2025 4:16 am
— We found a solution for voice assistants from companies A and G.
— Can you give more details?
— We have learned to obtain the user password of such an assistant.
- How so?
— re-verification. Specifically, we change the welcome message to a fake error message, “This skill is currently unavailable in your country,” making the user think the app is not running and not listening. Then we added a long pause in the audio after the error message, forcing the voice app to “say” a sequence of characters. Since this sequence is difficult to pronounce, the speaker remains silent while active. If you force the app to “say” the characters multiple times, the duration of this silence increases. Finally, after a while, the silence will end and a phishing message will play, “An important security update is available for your device. Say “Start update” and enter your password.” That’s it, we have the password.
- And you will be able to enter a password and make the gadget listen to everything that is said after that?
- That's right! We checked. It works.
- Well done! The problem is solved!
Do you use voice assistants? Use them! It will be canada whatsapp data for someone to listen to you!
Cybersecurity for Big Business: Kaspersky Lab's Comprehensive Approach
10/30/2020
The more a business relies on digital technologies in all aspects of its activities, the more susceptible it is to all sorts of cyber threats. Industrial espionage, data compromise followed by extortion, damage to a competitor's reputation - these are just a few examples of sophisticated attacks on companies of all sizes. Moreover, the larger the company, the bigger the jackpot the attackers will be able to hit if they succeed. Kaspersky Lab experts know exactly how to counter cyber threats, and for large businesses they recommend a comprehensive information security system made up of products and services for various purposes that best meet the needs of each individual customer.
The relevance of the moment
Why should protection be comprehensive, covering all possible directions of cyberattacks, external and internal? Because the attacks themselves in today's reality are increasingly complex, aimed from different sides at several potentially vulnerable areas of the corporate security system. The time of lone attackers who released homemade viruses into the early Internet and created the first botnets out of pure enthusiasm has long passed. Today, cybercrime is a shadow industry with a solid financial turnover, the most large-scale activities of which are developed, planned and financed at the level of serious business projects. And what can resist a corporation better than another corporation?
— Can you give more details?
— We have learned to obtain the user password of such an assistant.
- How so?
— re-verification. Specifically, we change the welcome message to a fake error message, “This skill is currently unavailable in your country,” making the user think the app is not running and not listening. Then we added a long pause in the audio after the error message, forcing the voice app to “say” a sequence of characters. Since this sequence is difficult to pronounce, the speaker remains silent while active. If you force the app to “say” the characters multiple times, the duration of this silence increases. Finally, after a while, the silence will end and a phishing message will play, “An important security update is available for your device. Say “Start update” and enter your password.” That’s it, we have the password.
- And you will be able to enter a password and make the gadget listen to everything that is said after that?
- That's right! We checked. It works.
- Well done! The problem is solved!
Do you use voice assistants? Use them! It will be canada whatsapp data for someone to listen to you!
Cybersecurity for Big Business: Kaspersky Lab's Comprehensive Approach
10/30/2020
The more a business relies on digital technologies in all aspects of its activities, the more susceptible it is to all sorts of cyber threats. Industrial espionage, data compromise followed by extortion, damage to a competitor's reputation - these are just a few examples of sophisticated attacks on companies of all sizes. Moreover, the larger the company, the bigger the jackpot the attackers will be able to hit if they succeed. Kaspersky Lab experts know exactly how to counter cyber threats, and for large businesses they recommend a comprehensive information security system made up of products and services for various purposes that best meet the needs of each individual customer.
The relevance of the moment
Why should protection be comprehensive, covering all possible directions of cyberattacks, external and internal? Because the attacks themselves in today's reality are increasingly complex, aimed from different sides at several potentially vulnerable areas of the corporate security system. The time of lone attackers who released homemade viruses into the early Internet and created the first botnets out of pure enthusiasm has long passed. Today, cybercrime is a shadow industry with a solid financial turnover, the most large-scale activities of which are developed, planned and financed at the level of serious business projects. And what can resist a corporation better than another corporation?