Just Watching a YouTube Video Can Compromise Your Smartphone

Hidden Voice Commands Can Compromise Mobile Devices

Among the many ways of compromising a mobile device, researchers recently analyzed a new one that humans can’t detect: hidden voice commands.


The research was driven by the emergence of voice interfaces for computers and was conducted on Android and iOS devices with the “Google Now” feature activated. With modern smartphones and wearable devices adopting an “always-on” model in which they continuously listen for possible voice input, researchers wanted to learn whether hidden commands that are unintelligible to human listeners could be issued.

In a paper (PDF) describing the experiment, researchers from Berkeley and Georgetown University revealed that hidden commands that are effective against existing systems can be issued, and that humans are unlikely to understand them and might not even notice them. The mobile devices, on the other hand, will react to these commands.

Researchers also discovered that such attacks can be performed only if the target device is within a given range, because the voice recognition systems were designed to filter background noise. While the device owner might recognize unwanted commands, researchers say that it is possible to broadcast hidden commands from a loudspeaker at an event or to embed them in a trending YouTube video.

Researchers also say that the severity of a hidden voice command depends upon what commands the targeted device will accept. Attackers could compromise devices to leak information (e.g., posting the user’s location on Twitter), to cause denial of service (e.g., activating airplane mode), or to prepare the device for further attacks (e.g., opening a web page hosting drive-by malware).

What’s more, these hidden voice commands can be constructed with very little knowledge about the speech recognition system (black-box attacks), but attackers who possess such knowledge could construct hidden voice commands that humans cannot understand at all (white-box attacks), researchers say.

The paper reveals that attacks are successful if carried out at less than 3.5 meters from the target and that phones successfully recognized 60% of the obfuscated commands used in black-box attacks. Additionally, the researchers proved that, while humans can’t understand the obfuscated commands used in white-box attacks, the attack was successful in 82% of instances.


“While voice interfaces allow for increased accessibility and potentially easier human-computer interaction, they are at the same time susceptible to attacks: Voice is a broadcast channel open to any attacker that is able to create sound within the vicinity of a device. This introduces an opportunity for attackers to try to issue unauthorized voice commands to these devices,” researchers say.

In addition to describing their attack in the aforementioned paper, the researchers present a series of defenses that could be used to prevent such attacks, including alerting the user that a voice command was received. They also propose that devices seek confirmation for the issued command, and say that defenses that detect and prevent such attacks are possible as well.
