Security researchers say they can covertly control voice-activated systems using ultrasonic sounds beyond the range of human hearing.
Calling the method ‘DolphinAttack’, the team claim voice assistants including the Amazon Echo’s Alexa and Apple’s Siri can be manipulated using sounds their owners would not be able to detect.
DolphinAttack could be used to make the device visit a malicious website and download a virus, or it could allow an attacker to spy on the victims by initiating an outgoing video or phone call.
The attacker could even potentially instruct the victim device to send fake messages or add fake events to a calendar.
They could also dim the screen display and mute the voice feedback to hide that they were controlling the device.
The researchers, from Zhejiang University in China, claim to have validated the attack against popular speech recognition systems, including those from major technology companies and automotive manufacturer Audi.
The team were able to launch these attacks, which use sounds higher than 20kHz – the upper limit of human hearing – with less than $3 of equipment, which they attached to a Galaxy S6 Edge.
Using an external battery, an amplifier, and an ultrasonic transducer, the team were able to send sounds which the voice assistants’ microphones were able to pick up and understand.
The team claim to have validated the attack experimentally on 16 popular voice-controllable systems and seven speech recognition systems.
In most cases the attack was able both to activate the speech recognition system and to have it execute the commands it was sent.
They were able to carry out these attacks from up to 170cm away, a distance that an attacker could likely achieve without raising too much suspicion.
The research will be presented later this month at the ACM Conference on Computer and Communications Security in Dallas, where the team will propose two defences against DolphinAttack, at both the hardware and software levels.
Sky News has contacted the manufacturers of the voice-activated devices to request their views and responses to the research.