Google Smart Home Speaker can be hacked, claims a researcher
The device can be used to listen to your private conversations using remote access via a backdoor account.
This was recently discovered by a researcher named Matt Kunze.
The saying walls have ears is as old as time, but it seems this is now our reality. Worse, when you realize it might be the smart home speaker on the side table listening to you. Recently a researcher named Matt Kunze discovered that hackers could spy on you by accessing theGoogle Homesmart speaker.
Bleeping computer (via Android Central), Kunze was messing around with a Nest Mini when he discovered that a rogue account could be created using the Google Home App. This backdoor account can then be used to get remote access to the smart speaker, including its microphone feed. The rogue account uses cloud API (application programming interface) to send commands to the smart speaker. The API allows multiple computer programs to communicate.
The information needed to hack the intelligent speaker includes the device’s name, certificate, and cloud ID. The hacker can send a request to Google’s server to link the smart speaker using this information. Then it can be used to make online transactions, control smart appliances, and even unlock the front door.
Kunze discovered it by making a malicious routine that included a call command. This allowed him to activate the microphone in the smart speaker at a specified time. He even recorded a video showing how the Nest Mini’s microphone can send conversations to a smartphone. Upon discovering it, Kunze received $1,07,500 from Google.However, worry not. Kunze discovered this in January 2021, and Google fixed it in April 2021. Anyone running the latest firmware is absolutely safe from this issue.SEE ALSO:
Source: Read More