How to exploit Vulnerability in Siri and Google Now.

Researchers of French Intelligence Agency, ANSSI found that Hackers can control the smartphone devices from 16 feet away. The user would have no idea that his smartphone has been hacked the research says.

The hackers are exploiting vulnerabilities in Siri and Google Now, with the help of radio signals without even saying a word. The hacker can send text messages, emails, and browse on internet without even asking for your permission. 

How does a hacker control your device? 

The Hacker can only target those devices if the targets headphones are plugged into the jack, only this way the hacker can get into your device without even asking for your permission. 
The hacker should have a radio transmitter to start his hacking operation. It will be used to send  radio waves that are able to trigger voice commands on Siri and Google Now with a pair of microphone-enabled headphones plugged in.
The users headphone cable will work as radio antennas, this way the Siri or Google Now app will receive commands which it believe is coming from users microphone.  The french researchers presented their discovery in Hack in Paris conference.  
They presented how a hacker can send sms, emails, visit website managed by hacker, send phishing and spam messages exploiting emails, facebook and other social media accounts.

The French duo used as a generator of electromagnetic waves their laptop running the open-source software GNU Radio, a USRP software-defined radio, an amplifier, and an antenna.

The researchers explained that their basic equipment could fit inside a backpack and can reach a range of around six and a half feet. In a more powerful configuration composed of larger batteries that could fit inside a van, the researchers say they could extend the attack’s range to more than 16 feet.
The two experts also published a Video Proof of Concept for the attack, they demonstrated how send a command to Google Now via radio on an Android smartphone instructing the mobile device to launch the browser to visit the ANSSI official website. 
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

How to Exploit Heartbleed using Metasploit in Kali Linux

Heartbleed vulnerability (registered as CVE-2014-0160) is a security bug present in the older version of OpenSSL cryptographic library. OpenSSL is a cryptographic toolkit used...

How to Install Parrot Security OS on VirtualBox in 2020

Parrot Security OS is a free GNU/LINUX distribution, released on 10th April 2013. It is a mixture of Kali Linux and Frozenbox OS, aims to...

How to Install Kali Linux on VirtualBox [Windows Host] in 2020

Kali Linux is a Debian based Linux distribution, released on the 13th March 2013 as a complete rebuild of BackTrack Linux. It is one of...

Acunetix v13 Release Introduces Groundbreaking Innovations

The newest release of the Acunetix Web Vulnerability Scanner further improves performance and premieres best-of-breed technologies London, United Kingdom – February 5, 2019 – Acunetix,...