- Google Smart Home Speaker can be hacked, claims a researcher
- The device can be used to listen to your private conversations using remote access via a backdoor account.
- This was recently discovered by a researcher named Matt Kunze.
According to $4 (via Android Central), Kunze was messing around with a Nest Mini when he discovered that a rogue account could be created using the Google Home App. This backdoor account can then be used to get remote access to the smart speaker, including its microphone feed. The rogue account uses cloud API (application programming interface) to send commands to the smart speaker. The API allows multiple computer programs to communicate.
The information needed to hack the intelligent speaker includes the device’s name, certificate, and cloud ID. The hacker can send a request to Google’s server to link the smart speaker using this information. Then it can be used to make online transactions, control smart appliances, and even unlock the front door.
Kunze discovered it by making a malicious routine that included a call command. This allowed him to activate the microphone in the smart speaker at a specified time. He even recorded a video showing how the Nest Mini’s microphone can send conversations to a smartphone. Upon discovering it, Kunze received $1,07,500 from Google.
However, worry not. Kunze discovered this in January 2021, and Google fixed it in April 2021. Anyone running the latest firmware is absolutely safe from this issue.
SEE ALSO: