Researchers Discovered that Alexa can be Used for Eavesdropping

A new discovery made by the Checkmarx researchers carries a not-so-good news for Alexa users. Turns out that Amazon Alexa has the potential to be hacked through the use of a malicious skill that can enable the attacker to listen in on the users’ conversation without them knowing about it. Additionally, Google has decided to redesign Gmail so that more productivity features, as well as extra security,  could be implemented.

Thanks to researchers at Checkmarx, we now know that Alexa can have a certain amount of privacy issues. Checkmarx decided to publicly disclose this discovery on April 25. According to them, the voice assistant created by Amazon, Alexa, can be used for recording the users’ conversations through malicious applications.

The discovery of Alexa’s flaw

As of yet, the researchers can’t confirm that anyone has actually discovered this flaw and took to exploiting it. The flaw itself is not the part of the devices’ hardware. Instead, it can be achieved through the misuse of Alexa’s skills.

As you might know, Alexa’s use can be extended through the use of different skills that add extra functionalities. Through their research of what the skills can offer, Checkmarx researchers discovered that there are several parameters that can be considered unbounded.

Through the exploit of these parameters, someone skilled with creating malicious software can use them for transcribing everything that the unaware users say. This will work even after the user has finished their communication with the device.

This mitigating feature is already set in place by the devices’ creators, and its function is signaled by the blue light that is coming from a LED ring on top of the device. However, by expanding the recording session of Alexa, the attacker might continue the devices work without the user noticing it.

Google decides that Gmail needs more features and security

Even more productivity and security features were added to Gmail, according to Google. The most important one of the recent updates includes a confidential mode which can now be used for protecting content with sensitive nature. This will allow Gmail users to decide how long is their email’s expiration date, as well as the ability to revoke an email that was already sent. On top of that, extra authentication through the text messages will be needed as well.

Emails will now also have the protection that will prevent them from being printed, copied, forwarded, or even downloaded. More of these updates also include Nudging, which will have a job of reminding users to respond to messages that are deemed important. A new Smart Reply system will provide three short message-responses that the user will be able to send instantly. Also, there will be High-Priority notifications, which will minimize the interruptions of the user by only informing them of the most important emails.

The creation of Calendar invitations will also be much faster, as well as managing the items from the Tasks side-panel, which acts as a to-do list.

Ali Raza
Ali Raza
Ali Raza is a freelance journalist with extensive experience in marketing and management. He holds a master degree and actively writes about crybersecurity, cryptocurrencies, and technology in general. Raza is the co-founder of, too, a site dedicated to educating people on online privacy and spying.

More from author

Notify of
Inline Feedbacks
View all comments

Related posts


Latest posts

7 Best Work from Home Apps for Moms

Being a mom is a job in itself. Between taking care of the kids, keeping up with household chores, and trying to squeeze in...

Top 9 Ways Technology is Helping Global Trade

If you are in a global business, utilizing technology is a surefire way of growing your business and increasing your customer base. Today, you...

7 Ways Technology Is Going To Transform Lead Generation

 In the ever-growing world of digital marketing, the ability to generate quality leads remains the most important ROI driver. Both inbound and outbound lead...