Ultrasonic Attacks Can Trigger Alexa & Siri With Hidden Commands, Raise Serious Security Risks

by | May 17, 2018 | Headline News | 14 comments

Do you LOVE America?


    This report was originally published by Tyler Durden at Zero Hedge

    Over the last two years, academic researchers have identified various methods that they can transmit hidden commands that are undetectable by the human ear to Apple’s Siri, Amazon’s Alexa, and Google’s Assistant.

    According to a new report from The New York Times, scientific researchers have been able “to secretly activate the artificial intelligence systems on smartphones and smart speakers, making them dial phone numbers or open websites.” This could, perhaps, allow cybercriminals to unlock smart-home doors, control a Tesla car via the App, access users’ online bank accounts, load malicious browser-based cryptocurrency mining websites, and or access all sort of personal information.

    In 2017, Statista projected around 223 million people in the U.S. would be using a smartphone device, which accounts for roughly 84 percent of all mobile users. Of these 223 million smartphones users, around 108 million Americans are using the Android Operating System, and some 90 million are using Apple’s iOS (operating system). A new Gallup poll showed that 22 percent of Americans are actively using Amazon Echo or Google Assistant in their homes.

    With much of the country using artificial intelligence systems on smartphones and smart speakers, a new research document published from the University of California, Berkeley, indicates inaudible commands could be embedded “directly into recordings of music or spoken text,” said The New York Times.

    For instance, a millennial could be listening to their favorite song: ‘The Middle’ by Zedd, Maren Morris & Grey. Embedded into the audio file could have several inaudible commands triggering Apple’s Siri or Amazon’s Alexa to complete a task that the user did not instruct — such as, buying merchandise from the music performer on Amazon.

    “We wanted to see if we could make it even more stealthy,” said Nicholas Carlini, a fifth-year Ph.D. student in computer security at U.C. Berkeley and one of the paper’s authors.

    At the moment, Carlini said this is only an academic experiment, as it is only a matter of time before cybercriminals figure out this technology. “My assumption is that the malicious people already employ people to do what I do,” he added.

    The New York Times said Amazon “does not disclose specific security measure” to thwart a device from an ultrasonic attack, but the company has taken precautionary measures to protect users from unauthorized human use. Google told The New York Times that security development is ongoing and has developed features to mitigate undetectable audio commands.

    Both companies’ [Amazon and Google] assistants employ voice recognition technology to prevent devices from acting on certain commands unless they recognize the user’s voice.

    Apple said its smart speaker, HomePod, is designed to prevent commands from doing things like unlocking doors, and it noted that iPhones and iPads must be unlocked before Siri will act on commands that access sensitive data or open apps and websites, among other measures.

    Yet many people leave their smartphones unlocked, and, at least for now, voice recognition systems are notoriously easy to fool.

    There is already a history of smart devices being exploited for commercial gains through spoken commands,” said The New York Times.

    Last year, there were several examples of companies and even cartoons taking advantage of weaknesses in voice recognition systems, including Burger King’s Google Home commercial to South Park‘s episode with Alexa.

    While there are currently no American laws against broadcasting subliminal or ultrasonic messages to humans, let alone artificial intelligence systems on smartphones and smart speakers. The Federal Communications Commission (FCC) warns against the practice, calling it a “counter to the public interest,” and the Television Code of the National Association of Broadcasters bans “transmitting messages below the threshold of normal awareness.” However, The New York Times points out that “neither says anything about subliminal stimuli for smart devices.”

    Recently, the ultrasonic attack technology showed up in the hands of the Chinese. Researchers at Princeton University and China’s Zhejiang University conducted several experiments showing that inaudible commands can, in fact, trigger voice-recognition systems in an iPhone.

    “The technique, which the Chinese researchers called DolphinAttack, can instruct smart devices to visit malicious websites, initiate phone calls, take a picture or send text messages. While DolphinAttack has its limitations — the transmitter must be close to the receiving device — experts warned that more powerful ultrasonic systems were possible,” said The New York Times.

    DolphinAttack could inject covert voice commands at 7 state-of-the-art speech recognition systems (e.g., Siri, Alexa) to activate always-on system and achieve various attacks, which include activating Siri to initiate a FaceTime call on iPhone, activating Google Now to switch the phone to the airplane mode, and even manipulating the navigation system in an Audi automobile. (Source: guoming zhang

    DolphinAttack Demonstration Video 

    While the number of smart devices in consumers’ pockets and at their homes is on the rise, it is only a matter of time before the technology falls into the wrong hands, and unleashed against them. Imagine cybercriminals accessing your Audi or Tesla via ultrasonic attacks against voice recognition technology on a smart device. Maybe these so-called smart devices are not smart after all, as the dangers of these devices are starting to be realized. Millennials will soon be panicking.


    It Took 22 Years to Get to This Point

    Gold has been the right asset with which to save your funds in this millennium that began 23 years ago.

    Free Exclusive Report
    The inevitable Breakout – The two w’s

      Related Articles


      Join the conversation!

      It’s 100% free and your personal information will never be sold or shared online.


      1. Punching buttons on a phone, talking to resistors and capacitors, and developing tumors as a result of 5G+/WiFi use has become synonymous with intelligence. How foolish we have become. What a hideous joke this hit or miss technology is. Do not buy into it…..be smart, keep it simple. Social networks are not what they used to be, in fact, today, they are empty, null, and troubled.

        • You Must watch this video. I have told people these FACTS for years. No one will listen.
          I believe most of my post are ghosted, being that no one is allowed to see them, even though they are posted.

          Here is youtube link:
          Here:– https://www.youtube.com/watch?v=2hxs__6US5U
          YouTube Video title:– The Selfish Ledger by Google

          Story also now on top of Drudge.com
          Original is at theverge.com
          Click on this topic at theverge.com
          “Google’s Selfish Ledger is an unsettling vision of Silicon Valley social engineering”

          You are being MANIPULATED.
          Our President is also being ATTACKED by anti-American COMMUNIST posing as senators, congressman, FBI.
          All TV News is controlled by FORIEGNERS.
          CNN is the:– “Commie News Network”.
          They think they will remove Trump from office.

          They will start a Bloody civil war if Trump is impeached. Trump will not be removed by these NWO puppet commies without a Civil War. Americans will fight back.

          Doubt this post will be seen by anyone. But there are the links and info.

          ADMIN please run a story on the Google deception and manipulation. Selfish Ledger. Google has shown who they really are. It is their own internal film.

        • Duck Plucker, excellent points. Anybody that uses any of these devices deserves exactly what happens to them, simple as that ! Same is true in every health matter. People let the doctors and adverts rule their lives, like a herd of lemmings !

          We are all on our own merits or demerits, as the case may be ! Americans are some serious dumb as MOFOs !

      2. Think about this–I had disconnected from Bluegrass for months.
        My husband received a ring, screen read ‘incoming, XXX-XXX-XXXX, Judy.
        Of course when he answered, the line was dead.
        But, did that incoming show on his phone at that time that day??
        That alone could cause a divorce, or claim false alibi/documentation in a crime, etc.
        Now, if that can happen on an unsophisticated piece of equipment like a flip phone, imagine what can happen otherwise!

        I’ll stick with my tracfone for $20 every 3 months.

      3. Why anyone would bring one of these devices into their home is beyond stupid. If you know someone with one of these in their house, I would be damn careful what I said when visiting. The problem is, you might not be aware of its existence.

      4. Alexa…how do you spell shit for brains?

      5. Get rid of them if you have them,or don’t get them in the first place. The risk is on you.

        • jim, you couldn’t be more correct. I never have understood the need to install something that is a spy, listening device or whatever into one’s home. Something reminds me of those never-off screens on the walls of every 1984 home. Folks are just crazy to do such a thing.

      6. I have a degree in computer science( I’m more than just a programmer), I’m also an Electronics engineer.
        I have more computers than some small businesses
        and only one is a Windows OS, I run Linux normally.
        I will not allow these alexa/siri things in my house.
        I will not hook up appliances or TV to the net.
        I’m not paranoid, but I know how this stuff works
        for or against you.
        My advice is that you make sure all your Internet access
        is under your control. Turn it off when not using it.
        Back up your data on a “thumb” drive that has only ever
        been used on a non-networked computer. Don’t keep anything
        you don’t want the whole world to know on a computer,
        any social site, or on a cloud.
        Assume everything on your cell smart phone is accessible
        to any cop that wants it and that they can track where you have
        been and where you are.
        I could go on and on. Just
        keep in mind as technology opens up the world to you
        it also opens you up to the entire world.

        • What most people call tech or smart phones and all these devices are in fact control mechanisms. Simple as that !

      7. But, hey, folks…it’s so cool.

      8. My old flip phone works just fine. The battery stays up for days on a single charge.

        You couldn’t give me one of those alexa siri things EVER !

      9. You’ve expected the voyeurs and busybodies to spy on you, since the days of the rotary phone. So, why does a search engine suddenly become suspicious, when combined with a voice modulator.

      10. Just how much information is being kept in your car and how much is communicated to others? Most of the information is beneficial and helps in maintaining your car. Can some of it be misused. Intrusion in areas you feel safe, secure, & private is the worst kind of betrayal. The more technologically advanced an item is, the more opportunity to gather information about the owner. There is a whole industry that collects and sells consumer information. Actually, it is impossible to be sure about who is watching and why?

      Commenting Policy:

      Some comments on this web site are automatically moderated through our Spam protection systems. Please be patient if your comment isn’t immediately available. We’re not trying to censor you, the system just wants to make sure you’re not a robot posting random spam.

      This website thrives because of its community. While we support lively debates and understand that people get excited, frustrated or angry at times, we ask that the conversation remain civil. Racism, to include any religious affiliation, will not be tolerated on this site, including the disparagement of people in the comments section.