Google Home smart speaker bug could have allowed hackers to spy on your conversations

A security researcher has won a $107,500 bug bounty after discovering how hackers could install a backdoor on Google Home devices to take control of the microphone and covertly spy on the owner’s conversations.

Vulnerability hunter Matt Kunze first reported the issue to Google in early 2021, after his own experiments with his Google Home smart speaker showed how easy it was to add new users via the Google Home app.

Kunze discovered that a user linked to a device can remotely send commands to the paired Google Home device via cloud APIs.

In a technical blog post, Kunze describes a possible attack scenario:

  1. The attacker wants to spy on the victim. The attacker can get within wireless range of the victim’s Google Home (but doesn’t know the victim’s Wi-Fi password).
  2. The attacker discovers the victim’s Google Home by listening for MAC addresses with prefixes associated with Google Inc. (e.g. E4:F0:42).
  3. The attacker sends a deauthentication packet to force the device to disconnect from the network and enter setup mode.
  4. The attacker connects to the device’s setup network and requests its device information.
  5. The attacker connects to the Internet and uses the captured device information to link their account to the victim’s device.
  6. The attacker can now spy on the victim via the Google Home over the internet (no need to be near the device).
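From the defender's side, steps 3 and 4 leave radio traces: a burst of deauthentication frames aimed at a Google-prefixed device, followed by an open network from a Google-prefixed radio. The sketch below is an added example, not code from Kunze's post or from Google; the sensor log format, event names, thresholds and sample lines are all constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

GOOGLE_OUIS = {"E4:F0:42"}        # prefix quoted in the article; extend from the IEEE registry
BURST = 5                         # assumed threshold: deauth frames aimed at one device...
WINDOW = timedelta(seconds=10)    # ...within this sliding window
FOLLOWUP = timedelta(seconds=60)  # assumed delay before a knocked-off device offers setup

# Constructed sample in a hypothetical sensor format: "<time> <event> <mac>"
SAMPLE_LOG = """\
2021-01-10T12:00:00 DEAUTH E4:F0:42:AA:AA:AA
2021-01-10T12:00:40 DEAUTH E4:F0:42:AA:AA:AA
2021-01-10T12:01:00 DEAUTH e4:f0:42:11:22:33
2021-01-10T12:01:01 DEAUTH E4:F0:42:11:22:33
2021-01-10T12:01:01 DEAUTH E4:F0:42:11:22:33
2021-01-10T12:01:02 DEAUTH E4:F0:42:11:22:33
2021-01-10T12:01:03 DEAUTH E4:F0:42:11:22:33
2021-01-10T12:01:04 DEAUTH E4:F0:42:11:22:33
truncated line
2021-01-10T12:01:25 OPEN_AP E4:F0:42:11:22:34
2021-01-10T12:01:30 OPEN_AP E4:F0:42:11:22:34
"""

def parse(log):
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 3:                       # skip lines without three fields
            yield datetime.fromisoformat(parts[0]), parts[1], parts[2].upper()

def detect(log):
    recent = defaultdict(deque)   # target MAC -> times of its recent deauth frames
    bursts, escalated, alerts = {}, set(), []
    for ts, event, mac in parse(log):
        if mac[:8] not in GOOGLE_OUIS:
            continue                              # only Google-prefixed devices are in scope
        if event == "DEAUTH":
            q = recent[mac]
            q.append(ts)
            while ts - q[0] > WINDOW:
                q.popleft()                       # drop frames older than the window
            if len(q) >= BURST and ts - bursts.get(mac, datetime.min) > FOLLOWUP:
                bursts[mac] = ts                  # one alert per burst, then a cooldown
                escalated.discard(mac)
                alerts.append(("medium", mac, "deauth burst"))
        elif event == "OPEN_AP":                  # open network from a Google-prefixed BSSID
            for target, t0 in bursts.items():
                if ts - t0 <= FOLLOWUP and target not in escalated:
                    escalated.add(target)
                    alerts.append(("high", target, "open setup network after deauth burst"))
    return alerts
```

The high-severity alert is the one worth paging on: a deauth burst alone is common Wi-Fi noise, while a burst followed shortly by an open setup network matches the sequence in the scenario.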

According to Kunze, malicious hackers who linked their accounts to targeted Google Home devices could now execute commands remotely: for example, controlling smart home switches, making online purchases, unlocking doors and vehicles remotely, and brute-forcing the user’s PIN for smart home unlocking.

Kunze highlights the Google Home speaker’s “call” command, which effectively sends all information picked up by the microphone to a phone number of the hacker’s choosing.

Thankfully, Kunze responsibly disclosed the vulnerability to Google, preventing further exploitation of the security flaw. Google said it fixed the security hole in April 2021, but details have yet to be released.

Of course, this meant millions of people bought vulnerable Google Home smart speakers for years.

Voice-activated devices have proven vulnerable to covert snooping in the past, and it would be a brave man who bet that it won’t happen again. Their widespread adoption has made smart speakers a potential headache for those who prioritize privacy and security over convenience.
