Journalism of Courage
Advertisement
Premium

This attack can use Siri, Google Assistant or Alexa to hack into your device

Digital voice-assistants like Siri, Google Assistant, Bixby, and Alexa can be used by hackers to control smart devices via what researchers are calling the Dolphin Attack. It essentially takes advantage of device's microphone, which can catch frequencies up to 20,000Hz and ultrasound frequencies. 

Elaborating on how the Dolphin Attack works, the researchers explained that it relies ion injecting voice commands inaudible to humans (above 20,000Hz) in to target devices to launch the attack.

Digital voice-assistants like Siri, Google Assistant, Bixby, and Alexa can be used by hackers to control smart devices via what researchers are calling the Dolphin Attack. It essentially takes advantage of device’s microphone, which can catch frequencies up to 20,000Hz and ultrasound frequencies. A group of researchers from China’s Zheijiang University tested the Dolphin Attack on 16 VCS (Version Control System) models including Apple iPhone, Google Nexus, Amazon Echo, and automobiles. They were able to launch Facetime on iPhones, play music on Echo, and manipulate the navigation system on an Audi.

Elaborating on how the Dolphin Attack works, the researchers explained it relies on injecting voice commands inaudible to humans which are above above 20,000Hz frequencies. While humans are unaware of these commands, the voice-assistant on their devices can still catch them. The human voice commands can then be translated into ultrasound frequencies and played back to get things done by hackers like opening a malicious site on user’s device.

“The fundamental idea of DolphinAttack is (a) to modulate the low-frequency voice signal (i.e., baseband) on an ultrasonic carrier before transmitting it over the air, and (b) to demodulate the modulated voice signals with the voice capture hardware at the receiver,” read the research paper titled ‘DolphinAttack: Inaudible Voice Commands’.

But there are restrictions to launching this attack and a successful would need a set of highly unlikely conditions. For starters, the Dolphin Attack can only be triggered if the target device is in vicinity or within five to six feet from the transmitter. Plus, it requires the device to be unlocked and voice-assistants like Siri and Google Assistant activated on it.

Finally, whenever the Dolphin attack is launched, voice-assistants reply to commands given by hackers, which should ring a bell immediately.

Researchers have suggested two solutions for device makers to detect the Dolphin attack – to disable voice-assistants from responding to frequencies above 20,000Hz and clearly classify audios that are inaudible to humans.

“We propose hardware and software defense solutions. We validate that it is feasible to detect DolphinAttack by classifying the audios using supported vector machine (SVM), and suggest to re-design voice controllable systems to be resilient to inaudible voice command attacks,”added the research paper.

Curated For You
After Agnipath dashes dreams of becoming IAF Airman, Haryana man passes out of IMA as Army Lieutenant
India vs South Africa 3rd T20I, Live Cricket Score: Bowlers, Abhishek Sharma shine as India beat Proteas by 7 wickets in Dharamshala to take 2-1 series lead
Who are Naveed Akram and Sajid Akram? Alleged father-son shooters in Sydney’s Bondi Beach attack

 

© IE Online Media Services Pvt Ltd
Tags:
  • Google Assistant
Edition
search
Install the Express App for
a better experience
Featured
Today's E-paper
Dec 15, 2025
Trending Topics
News
Multimedia
Follow Us
Idea ExchangeJustice BR Gavai: ‘Scrutiny should not affect judges. They are answerable to their conscience...’
X