Cortana is the AI-powered digital assistant that has one of its homes in Windows 10. It can do various tasks such as opening apps, doing simple math, suggest discount coupons, etc. But an Israel-based researcher duo, Tal Be’ery and Amichai Shulman, have discovered another thing Cortana can do. It can provide hackers a way to hack a Windows 10 PC, even if it’s locked.
An attacker can issue voice commands to Cortana and redirect the computer to a non-HTTPS website. The task is accomplished by attaching a USB network adapter to the target PC which intercepts the traffic and redirects the computer to the attacker’s malicious site to download malware.
Compromising a computer this way is possible because Cortana includes functionality to listen and respond to some voice commands even when the computer is locked. Also, the researchers’ attack method was successful because Cortana allows direct browsing to websites. The attacker can simply use the mouse to connect the target PC to their preferred WiFi network.
What limits the scope of the attack is the fact that physical access to the target machine is required. However, physical access is required only for the first machine, not when amplifying the attack.
According to the researchers, an infected PC can further communicate with other machines on the local network. It can infect them with the help of a technique called ARP Poisoning — tricking the machines on the local network to route their traffic through attacker’s network.
Microsoft was notified of the issue and now all of Cortana’s internet requests pass through Bing. Cortana’s functionality to respond while a PC is locked remains unchanged. In case, you still have concerns, you can disable Cortana on Windows 10 lock screen by visiting Settings > Cortana. Turn off the radio button that says “Use Cortana even when my device is locked.”
But determined minds are always in search of ways to compromise modern technologies. Hacking devices with the help of voice commands isn’t a new trick.
“We still have this bad habit of introducing new interfaces into machines without fully analyzing the security implications of it,” said Tal Be’ery.
The researchers are exploring further possibilities to exploit undiscovered vulnerabilities. And for other than voice commands, loopholes are yet to be discovered on new command interfaces (for instance, that use hand gestures).
Source: Motherboard
