Site icon Metro Voice News

Google Home loophole allowed hackers to listen to user conversations

Hackers had the ability to listen to your private conversations through Google Home speakers, according to research funded by the tech giant.

Google awarded $107,500 to security specialist Matt Kunze for discovering the security issue while experimenting with his own Google Home mini-speaker.

A bug allowed hackers to install a backdoor account on a Google Home smart speaker device and use it via remote control to eavesdrop on unsuspecting owners by accessing its microphone feed, reported Bleeping Computer.

Kunze notified Google and later published the technical details about his findings, along with a potential attack scenario, which explained how the flaw could be exploited by an outside actor.

He discovered a flaw that allowed commands to remotely access the application programming interface (cloud API) after setting up a new account using the Google Home app.

Google Home, a series of smart speakers, was released in 2016 to much fanfare and enabled users to verbally issue voice commands to interact with services through Google Assistant.

Serious Loophole Allowed Hackers to Access Smart Appliances and Speakers

Kunze noted that if a hacker got within wireless proximity of a speaker device, even without access to the Wi-Fi network that it was connected to, they could discover a user’s Google Home system.

After a user account is created, a bad actor could then access the user’s setup mode, install a different Google account, and then re-connect it to that unsuspecting person’s Wi-Fi network.

Google has since prevented the ability to remotely add an account to a Google Home speaker with a patch that included a new invite-based system to handle account links, blocking any attempts by individuals not added on Home.

Phone call security was also fixed as well, with added protection to prevent remote initiation through the scheduled routine system.

Google has come under intense scrutiny in recent years not only for privacy issues but claims it censors information and searches of groups and individuals it disagrees with.

–wire services

Can You Help?

You can help Metro Voice fight Big Tech and the pandemic. For 32 years, Metro Voice has been a leader in the faith-based community. We have historically relied on advertising to fund the mission of our publication and sharing the Good News. We are now seeking donation partners who want to support our publication and our mission of faith-based journalism.

Do you like what you read here? Help us continue our mission by supporting Metrovoicenews.com for as little as a few bucks each month. Every contribution counts, big or small. We sincerely thank you for your continued support and encouragement in these critical times.

Ongoing Support


Monthly Giving



One-Time Gifts

 

 

Exit mobile version