Serious Security Flaws Are Found in Google Assistant and Samsung Bixby

Must Read

Bhaswati Sarkar
Bhaswati Sarkar
She is a feminist pursuing a M.A. degree. She likes to lose herself in music and daydreams quite often. Travelling excites her and photography is her passion- nature is her favorite subject. Writing is cathartic for her. A happy-go-lucky kind of person, she tries to remain calm and serene through daily life.

The Israel-based security software company, Checkmarx recently discovered that flaws in several Android devices’ personal voice assistant technology could have rendered them vulnerable to hackers and other security threats.

Researchers at Checkmarx demonstrated this security threat by developing a mock-up weather app that would ask for access to the device’s voice assistant.

“The malicious app we designed for the demonstration was nothing more than a mockup weather app that could have been malicious by design. When the client starts the app, it essentially creates a persistent connection back to the [command and control] server and waits for commands and instructions from the attacker, who is operating the C&C server from anywhere in the world. Even closing the app does not terminate the persistent connection.” – They explained

Consequently, such technological holes could expose the user and the phone security to the invasion of privacy, such as keeping the user in the dark while taking their photos and videos and even tracking their location.

Also Read

These flaws have mostly been found to exist in Google Assistant in Google Pixel smartphones and in Samsung’s Bixby and its Galaxy series, as per the research published by Checkmarx on Tuesday.

The company stated that these technological loopholes could have enabled hackers to misuse the tech and record two-way conversations, silence the shutter on a phone’s camera and collect GPS location based on a device’s Metadata, especially because voice assistants don’t need to ask for permission to capture media.

Fortunately, the security patch made available on the Play Store by Google and Samsung has been available since this July, and it has protected these Android devices from such infiltration and misuse of information.

That security threat increased with the development of technology and had been proved previously when researchers found that they could intercept Wi-Fi usernames and passwords from customers who installed Amazon’s Ring doorbells on their homes. By and by, this creates new means for cybercriminals to abuse user data.

Stay updated

Subscribe to our newsletter and never miss an update on the latest tech, gaming, startup, how to guide, deals and more.

- Advertisement -
- Advertisement -

Grow Your Business

Place your brand in front of tech-savvy audience. Partner with us to build brand awareness, increase website traffic, generate qualified leads, and grow your business.

Latest

- Advertisement -

Related

- Advertisement -
- Advertisement -