New security and privacy concerns arise due to the growing popularity of voice assistant (VA) deployments in home and enterprise networks. A number of past research results have demonstrated how malicious actors can use hidden commands to get VAs to perform certain operations even when a person may be in their vicinity. However, such work has not explored how compromised computers that are close to VAs can leverage the phone channel to exfiltrate data with the help of VAs. After characterizing the communication channel that is set up by commanding a VA to make a call to a phone number, we demonstrate how malware can encode data into audio and send it via the phone channel. Such an attack, which can be crafted remotely, at scale and at low cost, can be used to bypass network defenses that may be deployed against leakage of sensitive data. We use Dual-Tone Multi-Frequency tones to encode arbitrary binary data into audio that can be played over computer speakers and sent through a VA mediated phone channel to a remote system. We show that modest amounts of data can be transmitted with high accuracy with a short phone call lasting a few minutes. This can be done while making the audio nearly inaudible for most people by modulating it with a carrier with frequencies that are near the higher end of the human hearing range. Several factors influence the data transfer rate, including the distance between the computer and the VA, the ambient noise that may be present and the frequency of modulating carrier. With the help of a prototype built by us, we experimentally assess the impact of these factors on data transfer rates and transmission accuracy. Our results show that voice assistants in the vicinity of computers can pose new threats to data stored on such computers. These threats are not addressed by traditional host and network defenses. We briefly discuss possible mitigation ways.

中文翻译：

---

使用听不见的音频和语音助手通过电话传输敏感数据

由于家庭和企业网络中语音助手 (VA) 部署的日益普及，出现了新的安全和隐私问题。过去的许多研究结果已经证明，即使有人在附近，恶意行为者也可以使用隐藏命令让 VA 执行某些操作。然而，此类工作并未探索靠近 VA 的受感染计算机如何在 VA 的帮助下利用电话通道窃取数据。在描述了通过命令 VA 拨打电话号码而设置的通信通道之后，我们演示了恶意软件如何将数据编码为音频并通过电话通道发送。这种可以远程、大规模和低成本实施的攻击可用于绕过可能部署的防止敏感数据泄露的网络防御。我们使用双音多频音调将任意二进制数据编码为音频，这些音频可以通过计算机扬声器播放，并通过 VA 介导的电话通道发送到远程系统。我们表明，通过持续几分钟的短电话，可以高精度传输适量的数据。通过使用频率接近人类听力范围高端的载波调制音频，可以做到这一点，同时使大多数人几乎听不到音频。有几个因素会影响数据传输速率，包括计算机与 VA 之间的距离、可能存在的环境噪声以及调制载波的频率。在我们构建的原型的帮助下，我们通过实验评估了这些因素对数据传输速率和传输精度的影响。我们的结果表明，计算机附近的语音助手会对存储在此类计算机上的数据构成新的威胁。传统的主机和网络防御无法解决这些威胁。我们简要讨论了可能的缓解方法。