Researchers have uncovered gaps in Amazon’s skill vetting process for the Alexa voice assistant ecosystem that could allow a malicious actor to publish a deceptive skill under any arbitrary developer name. The findings were presented on Wednesday at the Network and Distributed System Security Symposium (NDSS) conference by a group of academics from Ruhr-Universit..t Bochum and the North Carolina State University. The study found that multiple skills can have the same invocation phrase with at least one other skill in the US store alone.
Source: https://thehackernews.com/2021/02/alert-malicious-amazon-alexa-skills-can.html