It seems like there are smart speakers just about everywhere these days and security experts warn smart speakers from secondary sellers could be used to spy on unsuspecting consumers, according to Forbes.
Ariel Hochstadt, the co-founder of online privacy company vpnMentor, warned that it’s possible for hackers and malicious actors to manipulate smart home speakers, and specifically to bug the device and insert spying tools. “The buyer would not be aware that they have purchased a pre-hacked device and, therefore, once in the home, the hackers would be able to access it remotely without ever having to enter the home,” he warned, per Forbes.
Primarily at risk to this type of attack is the first-generation Amazon Echo — the original model of Amazon’s wildly popular smart speaker equipped with voice assistant Alexa, which has been discontinued. That speaker in particular sports a physical device that makes it possible for an attacker to crack open the case and manipulate the internal components. Hochstadt said that an SD card could be used to turn the Echo into a spying machine that could “livestream audio from its microphone, and remotely use its services.”
There are also software vulnerabilities that smart speakers can introduce to your home, so if you’re purchasing one, make sure to always install the most recent update available. Doing so will often address known software vulnerabilities and bugs. Hochstadt also recommends keeping smart devices like the Echo and other Alexa devices, Google Home, and Apple HomePod connected to separate wireless networks so they can’t be used to intercept data and information that you transmit across your primary network.