Security researchers Wu Huiyu and Qian Wenxiang have discovered a terrifying way to turn an Amazon Echo into a spy bug.
The researchers demonstrated their method onstage at the Def Con hacking conference on Sunday. To orchestrate the attack, they took apart an Echo, removed the flash chip from its motherboard, loaded it with custom spyware, and then re-attached the chip.
The firmware is then able to find and link up to a targeted Amazon account using "cross-site scripting, URL redirection, and HTTPS downgrade attacks," according to Wired, which first reported the news.
The device can also then access other Echo devices on its same network.
The doctored device can take advantage of Whole Home Audio Daemon, the software component that allows Echos on the same network to talk to each other, to gain full control over a targeted speaker. This means you could do anything from playing creepy music and calling Ubers for people to seizing control of their microphone and secretly recording audio.
There are some limitations to this attack: It requires that hackers have access to a device's hardware, and that they have the target's Wi-Fi password. But the researchers told Wired that such an attack could still work in public places, like hotel rooms or schools, with public passwords.
The hackers have informed Amazon of the vulnerability, which the company told Wired it has already patched.
More on Alexa