"Security Researchers Expose New Alexa and Google Home Vulnerability"

Security researchers at SRLabs discovered a new vulnerability that impacts Amazon Alexa and Google Home. The exploitation of this vulnerability could allow hackers to secretly listen in on users and execute phishing attacks in which users are asked for their Google account passwords. Researchers developed malicious Alexa skills and Google Home actions that posed as apps for checking horoscopes. According to researchers, there is a flaw in both voice assistants that can allow them to continue listening to users after they have performed their initial commands. Security experts call on Google and Amazon to strengthen their security-vetting processes for third-party apps as hackers can hide malicious code in their software. This article continues to discuss the vulnerability and how researchers demonstrated its exploitation, along with Amazon's response to this discovery. 

The Verge reports "Security Researchers Expose New Alexa and Google Home Vulnerability"