According to a security expert, certain Google Home smart speakers may have been taken over in order to remotely operate the gadget and potentially listen in on private conversations.
Security expert Matt Kunze found the problem, for which he was rewarded with a prize of $107,500 for appropriately disclosing it to Google.
Kunze, who was looking into his own Google Home small speaker for potential problems, detailed in a blog post(opens in new tab) how he was able to establish a second Google account to the gadget, which would be sufficient to be able to listen in on conversations.
Adding rogue accounts
The attacker must first be within wireless range of the target device and listen for MAC addresses with Google-related prefixes.
The device can then be disconnected from the network and put into setup mode by sending deauth packets. In the setup process, they ask for device details, utilise that information to attach their account to the device, and presto! They can now walk away from the WiFi and spy on the device owners online.
However, the danger goes beyond merely overhearing talks. Many owners of smart home speakers link their gadgets to other smart devices, like door locks and smart switches. The researcher also discovered a technique to misuse the “call phone number” command, causing the victim’s device to contact the attacker at a predetermined time and stream live audio.
The flaw was identified in early 2021 and fixed by April 2022. To fix the problem, Google developed a new invite-based approach for account linking that blocks any accounts that haven’t been linked to Home.
That being said, to make sure there is no risk, Google Home users are advised to update the endpoint’s firmware to the latest version as soon as possible.
Comments are closed.