American university researchers have developed a novel attack called “Near-Ultrasound Inaudible Trojan” (NUIT) that can launch silent attacks against devices powered by voice assistants, like smartphones, smart speakers, and other IoTs.
The team of researchers consists of professor Guenevere Chen of the University of Texas in San Antonio (UTSA), her doctoral student Qi Xia, and professor Shouhuai Xu of the University of Colorado (UCCS).
The team demonstrated NUIT attacks against modern voice assistants found inside millions of devices, including Apple’s Siri, Google’s Assistant, Microsoft’s Cortana, and Amazon’s Alexa, showing the ability to send malicious commands to those devices.
Inaudible attacks
The main principle that makes NUIT effective and dangerous is that microphones in smart devices can respond to near-ultrasound waves that the human ear cannot, thus performing the attack with minimal risk of exposure while still using conventional speaker technology.
In a post on USTA’s site, Chen explained that NUIT could be incorporated into websites that play media or YouTube videos, so tricking targets into visiting these sites or playing malicious media on trustworthy sites is a relatively simple case of social engineering.
The researchers say the NUIT attacks can be conducted using two different methods.
The first method, NUIT-1, is when a device is both the source and target of the attack. For example, an attack can be launched on a smartphone by playing an audio file that causes the device to perform an action, such as opening a garage door or sending a text message.
The other method, NUIT-2, is when the attack is launched by a device with a speaker to another device with a microphone, such as a website to a smart speaker.
“If you play YouTube on your smart TV, that smart TV has a speaker, right? The sound of NUIT malicious commands will become inaudible, and it can attack your cell phone too and communicate with your Google Assistant or Alexa devices,” explained G. Chen.
“It can even happen in Zooms during meetings. If someone unmutes themselves, they can embed the attack signal to hack your phone that’s placed next to your computer during the meeting.”
Chen explained that the speaker from where NUIT is launched needs to be set to above a certain volume level for the attack to work, while the malicious commands last for only 0.77 seconds.
“It can even happen in Zooms during meetings. If someone unmutes themselves, they can embed the attack signal to hack your phone that’s placed next to your computer during the meeting.”
Chen explained that the speaker from where NUIT is launched needs to be set to above a certain volume level for the attack to work, while the malicious commands last for only 0.77 seconds.
The attack scenarios demonstrated by the researchers involve sending commands to IoTs connected to the smartphone, like unlocking doors or disabling home alarms, with little risk of the victim realizing this activity is taking place.
However, since smart assistants can also perform actions like opening websites, the attackers could lead smartphones to “watering hole” websites that can be used to drop malware on the device by exploiting a vulnerability in their browser without interaction by the victim.
Effectiveness and precautions
The researchers tested 17 popular devices that run the voice assistants and found that they’re all ownable using any voice, even robot-generated, except for Apple Siri, which requires emulating or stealing the target’s voice to accept commands.
Hence, if you can authenticate on your smart device using your vocal fingerprint, it is recommended that you activate this additional security method.
Chen also advised that users monitor their devices closely for microphone activations, which have dedicated on-screen indicators on iOS and Android smartphones.
Finally, using earphones instead of speakers to listen to something or broadcast sound effectively protects against NUIT or similar attacks.
The full details of the NUIT attack will be presented in the 32nd USENIX Security Symposium scheduled for August 9 and 11, 2023, at the Anaheim Marriott in Anaheim, CA, USA.