Amazon Echo and Google Home speakers have been compromised by apps modified to spy on users.
Berlin-based Security Research Labs (SRL) built the eight “smart spies”, which were promoted as a way to deliver horoscopes and generate random numbers.
Once approved, the researchers updated the Echo Skills and Home Actions to eavesdrop and steal passwords.
Amazon and Google unwittingly approved smart-speaker apps designed to eavesdrop on users and steal their passwords.
Researchers successfully sneaked malicious apps behind the defenses of two major smart speaker companies in a test on their security practices.
Experts at Security Research Labs say the apps were design to target personal data like voice-recordings and passwords of both Google Home and Amazon Echo users by posing as software that reads horoscopes through voice-commands.