Google Assistant was introduced with the aim of allowing people to do different things on their phones with their voice, but it also opened the way for hackers to access the phone.
On November 19, cybersecurity company Checkmarks disclosed vulnerabilities in several Android phones, including the Google Pixel series and Samsung Galaxy phones.
These security flaws allow hackers to take photos and videos from phones without the user’s knowledge or to spy on them or track their location.
Hackers do this with the help of Google Assistant and this security flaw affects Android devices because it uses app permissions.
Checkmarks notified Google and Samsung of the security issue in July, and both companies informed Checkmarks that an update to the Play Store was released that month to address the issue.
Although this update is available, it is not clear whether the issue has been fixed in every affected device.
According to a statement released by Google, “We appreciate Checkmarks bringing this issue to our attention. A Play Store update for the Google Camera app was released in July 2019 to protect Google devices from this issue.” Done, this update is available to all partners’.
In a statement, Samsung said it also released updates for potentially affected devices after being made aware of the issue by Google. helped to identify and control it directly’.
According to CyberCheck, everything that goes into our phones should be reviewed by outside experts because no one should be trusted all the time.
Checkmarks researchers discovered that voice assistants can be used without anyone speaking as a result of a security flaw, which requires sending a voice code.
Most apps require user permission to take photos or videos, but voice assistant services such as Google Assistant and Samsung Bixby are considered trusted software and do not require permission.
The researchers discovered that any app could exploit this vulnerability and created a simple weather app that sent a voice request to Google Assistant in the background to take a photo or video.
But there was a voice request that the user can’t hear because it’s based on code, but as a result, Google Assistant started taking pictures and videos and sending them back to the server that the researchers were controlling.
The vulnerability could be used to track the location and spy on the user, he said, but it could also record phone calls.
#major #security #flaw #Android #phones #discovered
2024-09-11 08:42:31
Hey Google
Table of Contents
The Dark Side of Voice Assistants: How Google Assistant Can Be Used to Hack Your Phone
The introduction of Google Assistant revolutionized the way we interact with our phones, allowing us to perform a multitude of tasks with just our voice. However, this convenience has also opened the door to a new type of security threat, as hackers can now use voice assistants to gain unauthorized access to our devices.
Security Flaws in Android Devices
In November 2019, cybersecurity company Checkmarks revealed that several Android phones, including the Google Pixel series and Samsung Galaxy phones, were vulnerable to hacking due to a security flaw in the Google Assistant. This vulnerability allowed hackers to take photos and videos from phones without the user’s knowledge or permission, and even track their location.
The security flaw was found to affect Android devices because it uses app permissions, which are granted to voice assistant services such as Google Assistant and Samsung Bixby without requiring user permission. This means that hackers can exploit this vulnerability by sending a voice code, allowing them to take control of the device without the user’s knowledge.
The Response from Google and Samsung
After being notified of the security issue in July 2019, both Google and Samsung released updates to address the issue. Google released a Play Store update for the Google Camera app, while Samsung released updates for potentially affected devices. However, it remains unclear whether the issue has been fully resolved in every affected device.
The Risks of Trusting Voice Assistants
The discovery of this security flaw highlights the risks of trusting voice assistants with our personal data. According to CyberCheck, everything that goes into our phones should be reviewed by outside experts because no one should be trusted all the time [[3]]. This is especially true for voice assistant services, which are often considered trusted software and are granted access to our devices without requiring user permission.
The Potential Consequences
The potential consequences of this security flaw are severe. Hackers can use voice assistants to steal sensitive information, such as bank details or personal photos, or even use our devices to spy on us or track our location. Moreover, voice assistants can also be used to fabricate messages to our close friends or families asking for money, steal sensitive information, or even remotely control our devices [[1]].
Precautions and Solutions
To protect ourselves from these security threats, it is essential to be vigilant when using voice assistants. Users should regularly review their device permissions and ensure that only trusted apps have access to their devices. Additionally, users should be cautious when installing new apps and ensure that they are from trusted sources.
while voice assistants like Google Assistant have made our lives easier, they also pose significant security risks. It is essential to be aware of these risks and take necessary precautions to protect ourselves from hackers. By being cautious and vigilant, we can enjoy the benefits of voice assistants while minimizing the risks.
References:
Google Nest
The Dark Side of Voice Assistants: How Google Assistant Can Be Used to Hack Your Phone
The introduction of Google Assistant revolutionized the way we interact with our phones, allowing us to perform a multitude of tasks with just our voice. However, this convenience has also opened the door to a new type of security threat, as hackers can now use voice assistants to gain unauthorized access to our devices.
Security Flaws in Android Devices
In November 2019, cybersecurity company Checkmarks revealed that several Android phones, including the Google Pixel series and Samsung Galaxy phones, were vulnerable to hacking due to a security flaw in the Google Assistant. This vulnerability allowed hackers to take photos and videos from phones without the user’s knowledge or permission, and even track their location [2].
The security flaw was found to affect Android devices because it uses app permissions, which are granted to voice assistant services such as Google Assistant and Samsung Bixby without requiring user permission. This means that hackers can exploit this vulnerability by sending a voice code, allowing them to take control of the device without the user’s knowledge.
The Response from Google and Samsung
After being notified of the security issue in July 2019, both Google and Samsung released updates to address the issue. Google released a Play Store update for the Google Camera app, while Samsung released updates
