Browser bug exploited to hack Amazon Alexa: Details here

At this year's Pwn2Own hackathon, a couple of researchers, Amat Cama and Richard Zhu, demonstrated a range of exploits and bagged the top prize of $60,000.

One of their exploits - integer overflow hack - tied to Alexa and highlighted how the smart assistant on the latest Amazon smart-display, Echo Show 5, can be compromised with the help of a browser and malicious Wi-Fi.

While demonstrating the attack, the researchers claimed that the device in question comes with an older version of Chromium, Google's open-source browser projects.

They said, this version had been forked during development, which essentially allows them to use a malicious Wi-Fi hotspot as a way to trigger an integer overflow and take full control of the device.

As TechCrunch explains, an integer overflow occurs when an IoT device performs a mathematical operation and tries to produce a number but overflows that number outside of the allocated memory owing to the lack of space.

This overflow, according to the researchers, results in security implications, giving an opportunity to take full control of the device.

After the hack was demonstrated, Amazon responded on the matter, claiming that it is conducting an internal investigation into the exploit shown by the researchers.

The company added that it "will be taking appropriate steps to protect our devices based on our investigation," but didn't specify what will be these steps or when they will be taken.