DolphinAttack to Hack Siri, Alexa Devices: Inaudible Commands can Hijack Voice Control Systems

By Kristinova V. Justimbaste, Christian Post Contributor

Inaudible ultrasound commands can be used to hijack voice-activated programs such as Siri and Alexa, China's Zhejiang University revealed.

The researchers, using a method they call DolphinAttack, created a program that translates a normal voice command into a frequency inaudible to the human ear. They then tested if voice control systems, including Siri, Google Now, Alexa, and Cortana, would follow the commands. The researchers claim to have tested the attack in five languages across 16 different systems.

"DolphinAttack voice commands, though totally inaudible and therefore imperceptible to [a] human, can be received by the audio hardware of devices, and correctly understood by speech recognition systems," the team wrote.

Get Our Latest News for FREE

Subscribe to get daily/weekly email with the top stories (plus special offers!) from The Christian Post. Be the first to know.

Using a variety of commands like activating Siri or initiating FaceTime call on iPhone, the researchers were able to make the programs carry them out. More importantly, they learned that DolphinAttack can even be used to issue malicious attacks. For instance, hackers can use it to instruct a device to open a website that prompts a virus.

They also theorized on how one could hijack a system that is supposed to respond only to a specific person's voice. They believe that if one can get a person to say a particular sentence like "he carries cake to the city," one can take out certain syllables and rearrange them to make "Hey Siri."

Once the virtual assistant is activated, then they can proceed to issue malicious attacks.

Tech enthusiasts should not panic, as this method is too impractical to create a threat to the general public. For starters, the attacker has to be a few feet away from the target to initiate an ultrasonic voice command. They also need to be in a quiet environment.

Furthermore, the team provided ways to prevent a DolphinAttack. For instance, users can deactivate the waking phrases function to prevent their devices from being attacked.

The research highlights the vulnerabilities of modern technology.

Was this article helpful?

Help keep The Christian Post free for everyone.

By making a recurring donation or a one-time donation of any amount, you're helping to keep CP's articles free and accessible for everyone.

$25/month$50/quarter$100/yearOne-time

We’re sorry to hear that.

Hope you’ll give us another try and check out some other articles. Return to homepage.