SECURITY RESEARCHERS have revealed that attackers can bypass the login screen on Windows machines and install malware by directing commands at Cortana.
The security buffs, who go by the name of Tal Be’ery and Amichai Shulman, uncovered the flaw after discovering that Microsoft’s Cortana AI assistant is always-on and responds to some voice commands even when computers are asleep and locked, Motherboard reports.
This, they found, could allow someone with physical access to plug a USB network adapter into the computer and then verbally instruct Cortana to launch the system’s browser and open a web address that does not use the safer HTTPS protocol.
The attacker’s malicious network adapter then intercepts the web session to send the computer to a malicious site instead, where it downloads malware to the machine, unbeknown to the user.
“We still have this bad habit of introducing new interfaces into machines without fully analysing the security implications of it,” the researchers said.
“We start with proximity because it gives us the initial foothold in [a] network. We can attach the computer to a network we control, and we use voice to force the locked machine into interacting in an insecure manner with our network.”
The researchers said an attacker can also connect the targeted computer to a wireless network that they control. This can be done simply by clicking on the chosen network with the mouse, even when the computer is locked, they said.
“One of the things we saw was that even when a machine is locked, you can choose the network to which that machine is attached.”
The researchers will be presenting their Cortana malware findings at the Kaspersky Analyst Security Summit in Cancun this week.
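The two lock-screen behaviours the researchers relied on, voice commands while locked and picking a network from the lock screen, are both controllable by Group Policy. The following is an added PowerShell example, not code from the article or from the researchers; it assumes a Windows 10 host where the local policy registry keys are authoritative and that the shell is running as Administrator.

```powershell
# Added example (not from the article): apply and verify the two policies
# that close the lock-screen paths described above. The value names are the
# documented registry equivalents of the corresponding Group Policy settings.

$searchPolicy = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search'
$systemPolicy = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\System'

function Set-LockScreenHardening {
    foreach ($path in $searchPolicy, $systemPolicy) {
        if (-not (Test-Path $path)) { New-Item -Path $path -Force | Out-Null }
    }
    # "Allow Cortana above lock screen" = Disabled: Cortana ignores voice input while locked
    Set-ItemProperty -Path $searchPolicy -Name 'AllowCortanaAboveLock' -Value 0 -Type DWord
    # "Do not display network selection UI" = Enabled: no network picker on the lock screen
    Set-ItemProperty -Path $systemPolicy -Name 'DontDisplayNetworkSelectionUI' -Value 1 -Type DWord
}

function Test-LockScreenHardening {
    # Returns $true only when both values are present with the hardened settings
    $cortana = (Get-ItemProperty -Path $searchPolicy -Name 'AllowCortanaAboveLock' `
                -ErrorAction SilentlyContinue).AllowCortanaAboveLock
    $netUi   = (Get-ItemProperty -Path $systemPolicy -Name 'DontDisplayNetworkSelectionUI' `
                -ErrorAction SilentlyContinue).DontDisplayNetworkSelectionUI
    return ($cortana -eq 0) -and ($netUi -eq 1)
}

Set-LockScreenHardening
if (Test-LockScreenHardening) { 'Lock screen hardened' } else { 'Policy not applied' }
```

The check function is also usable on its own in a compliance script to flag machines where either policy has been reverted.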
Source: Inquirer