Siri, Alexa, Google Now Vulnerable to Ultrasound Attacks

A team of researchers from Zhejiang University in China has demonstrated how several popular speech recognition systems can be controlled using ultrasound via an attack method they have dubbed “DolphinAttack.”

The experts tested Apple’s Siri, Google Now, Samsung’s S Voice, Huawei’s HiVoice, Microsoft’s Cortana, Amazon’s Alexa and the speech recognition system in an Audi Q3 vehicle. They modulated various voice commands on ultrasonic carriers, at a frequency of 20,000 Hz or higher, in order to make them inaudible to humans.

The goal was to determine if these systems can be activated using ultrasound and if they can be controlled once they have been activated. The activation commands they tested included “Hey Siri,” “OK Google,” “Hi Galaxy” and “Alexa,” while recognition commands included “Call 1234567890,” “Open,” “turn on airplane mode” and “open the back door.”

The experiments, carried out on 16 devices with 7 different speech recognition systems, were successful in all cases from various distances. The DolphinAttack method was the most effective against Siri on an iPhone 4s and Alexa on Amazon’s Echo personal assistant device. In both cases, the attack worked over a distance of nearly 2 meters (6.5 feet).

The tests showed that the language used does not influence the efficiency of the attack, but the type of command does matter. For example, researchers determined that commands such as “call/facetime 1234567890,” “turn on airplane mode” or “how’s the weather today” are recognized much better than “open.”

Background noise also has an impact, with recognition rates for the “turn on airplane mode” command decreasing to 30% on the street compared to 100% in an office and 80% in a cafe.

The researchers have also proposed a series of hardware- and software-based defenses against the DolphinAttack method.
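As an added illustration (not taken from the article or from the researchers' proposed defenses), one simple software-side check is to measure how much of each frame of a raw microphone capture sits at or above the 20,000 Hz carrier range described above. The 96 kHz sample rate, frame size, thresholds and both sample signals are constructed assumptions, and the check presumes access to samples before any low-pass filtering.

```python
import cmath
import math

SAMPLE_RATE = 96_000    # assumption: raw capture fast enough to represent >20 kHz
ULTRASONIC_HZ = 20_000  # carrier floor quoted in the article
FRAME = 256             # assumption: samples per analysis frame
RATIO_ALERT = 0.5       # assumption: flag when most energy is ultrasonic
MIN_RMS = 0.01          # assumption: ignore near-silent frames

def ultrasonic_ratio(frame, rate=SAMPLE_RATE, cutoff=ULTRASONIC_HZ):
    """Fraction of a frame's spectral energy at or above cutoff (Hann-windowed DFT)."""
    n = len(frame)
    win = [s * (0.5 - 0.5 * math.cos(2 * math.pi * i / (n - 1)))
           for i, s in enumerate(frame)]
    total = high = 0.0
    for k in range(1, n // 2):  # skip the DC bin
        coeff = sum(x * cmath.exp(-2j * math.pi * k * i / n)
                    for i, x in enumerate(win))
        power = abs(coeff) ** 2
        total += power
        if k * rate / n >= cutoff:
            high += power
    return high / total if total else 0.0

def flag_frames(samples):
    """Indices of frames that are loud enough and dominated by ultrasonic energy."""
    flagged = []
    for idx in range(len(samples) // FRAME):
        frame = samples[idx * FRAME:(idx + 1) * FRAME]
        rms = math.sqrt(sum(s * s for s in frame) / FRAME)
        if rms >= MIN_RMS and ultrasonic_ratio(frame) >= RATIO_ALERT:
            flagged.append(idx)
    return flagged

def tone(freq, n, amp=0.5):
    """Constructed test signal: a sine tone of n samples at SAMPLE_RATE."""
    return [amp * math.sin(2 * math.pi * freq * i / SAMPLE_RATE) for i in range(n)]

# Constructed inputs: audible speech-band tones, then a 25 kHz tone whose
# amplitude varies at 400 Hz (stand-in for content carried above 20 kHz).
AUDIBLE = [a + b for a, b in zip(tone(300, 1024), tone(1200, 1024, 0.3))]
CARRIED = [c * (1 + 0.8 * math.sin(2 * math.pi * 400 * i / SAMPLE_RATE))
           for i, c in enumerate(tone(25_000, 1024))]

if __name__ == "__main__":
    print("flagged frames:", flag_frames(AUDIBLE + CARRIED))
```

A capture path that samples at 44.1 kHz or lower cannot represent this band at all, so the check only makes sense where the raw high-rate samples are available.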

“The recently discovered DolphinAttack design flaw in IoT devices is another example of the importance in secure manufacturing. The flaw has introduced a relatively new attack vector – audio,” said Tim Jarrett, Sr. Director of Enterprise Security Strategy at Veracode.

“It is likely that audio and voice-based security controls will evolve as security researchers and hackers begin to explore vulnerabilities. Building in security by design and the ability to adapt to new threats will help IoT manufacturers leverage security as a competitive advantage,” Jarrett added. “IoT device manufacturers should consider this a wake-up call — manipulating audio for vulnerability injections is a serious area for concern. This recent news isn’t just an issue for the enterprise, but one for the millions of consumers that are using these IoT devices day in and day out.”

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
