The smarter our gadgets become, the more likely hackers will try to exploit them at any cost. With virtual assistants being all the rage these days, it’s not surprising that someone would find a way to control them remotely without the user having any idea, and that’s just what researchers from China’s Zheijiang University have managed to accomplish.
The system the group came up with uses high frequency sound to skirt the upper limits of human hearing, but is still capable of being detected by electronic devices. The researchers were able to successfully translate normal voice commands into ultrasound, which were then tested against over a dozen different voice assistant systems including Siri, Alexa, Google Assistant, and Cortana. The commands were universally obeyed, and even though the humans can’t hear the communication happening, the digital helpers heard it loud and clear.
Researchers call the system “DolphinAttack,” in a nod to the high-pitched chatter of the aquatic mammals, and while it’s certainly an impressive proof of concept, it doesn’t really pose much danger to the average person. That’s mainly because for the ultrasound commands to be heard by the target device, the person being “hacked” needs to be extremely close to attacker, and in a relatively quiet environment — you wouldn’t have much luck targeting someone from across a room or even the other side of a booth in a busy restaurant.
On top of that, unlock codes and passwords almost always serve as guardians of key virtual assistant commands, especially when it comes to mobile payments. In short, you probably don’t have to worry about your virtual assistant accidentally emptying your bank account to a nearby hacker, at least for now.