Google Home security vulnerability allowed hackers to listen to conversations

Smart speakers have become a popular addition to many homes, offering convenient hands-free control of smart devices and access to a range of features such as music streaming and voice assistants. However, in January 2021, security researcher Matt Kunze discovered a critical vulnerability in Google Home speakers that allowed hackers to gain access to users’ homes without their knowledge.

Hackers could initiate phone calls through the Google Home speaker

Kunze found that the vulnerability allowed a threat actor to add a “rogue” account to the device through the Home app and then control the device remotely through the cloud API. To do this, the attacker first obtained the device’s name, certificate, and “cloud ID” from the local API. With this information, the attacker could send a link request for the device through Google’s server and gain access to the device through the rogue account.

This allowed hackers to spy on users, make HTTP requests on their network, read and write files on the device, and even remotely activate the call command of the smart speaker, so that the device called the hacker’s phone and let the hacker listen in on conversations taking place in the home. Hackers could also control the user’s smart home switches, make online transactions, unlock the user’s home and vehicle doors, and even make use of the PIN the user set for smart locks.

Google patches issue and strengthens security measures

Fortunately, Kunze reported the issue to Google in March 2021, and the company has since fixed the vulnerability and paid out over $100,000 for the report. It is no longer possible to add an account to a Google Home speaker remotely. Google has also disabled the ability to activate a call command remotely through a routine.

Google’s smart displays, on the other hand, now offer a more secure setup process thanks to the use of a QR code that can be protected with WPA2. This means that an attacker would need physical access to the device to connect their account to it.

Despite the hack, Kunze affirmed that Nest and Home devices are generally very secure and do not offer many attack vectors. He said that the vulnerabilities he discovered were subtle and the most an attacker could do was change some basic settings.
