Siri, Apple’s voice activated personal assistant and knowledge navigator application, can be leveraged to steal sensitive information from iOS smartphones in a stealthy manner, according to researchers.
Luca Caviglione of the National Research Council of Italy and Wojciech Mazurczy of the Warsaw University of Technology warn that malicious actors could use Siri for stealthy data exfiltration by using a method that’s based on steganography, the practice of hiding information.
Malware that uses such techniques is becoming more and more common. For example, the developers of Duqu, Alureon, and Zeus have all used innocent-looking image files for data transmission and command and control (C&C) communications. Other threats have used the traffic generated by popular applications such as Skype to hide data.