Google Home speakers were at risk of eavesdropping hackers
Google gave the researcher who discovered the issue $107,500 for responsibly reporting the issue.
Now, before you tell everyone on your contact list to unplug their devices, Google patched the issue and fixed the speaker’s vulnerability.
Alright, now some background. Security researcher Matt Kunze noticed a loophole allowing any clever hacker to install a “backdoor” account on your smart speaker.
More importantly, Kunze found that bad actors could potentially remotely send commands to the device, listen in on your every word, and even snoop on your other smart devices.
Kunze shows how he remotely listened in on a Google Home speaker
Here’s a quick video Kunze uploaded to YouTube showing how he can remotely tap into the device, eavesdrop, and record a conversation.
Before the fix, all an attacker had to do is be within wireless range, and boom – they had full access to your life.
And as if that wasn’t bad enough, they could potentially expose your Wi-Fi password or gain access to other devices.
Thankfully, the issue is now patched. Kanze brought this to Google’s attention, and the company rewarded him with $107,500 for responsibly disclosing the vulnerability.
Don’t panic – there’s no cause for concern
Now, before you go running for the hills (or at least unplugging all your gadgets), it’s worth noting that these types of vulnerabilities are rare.
In fact, Kunze states that Nest and Home devices are secure for the most part and don’t have many weaknesses for attackers to exploit.
So, you can probably keep your smart speaker plugged in without worrying, at least for now. To learn more, check out Kunze’s blog detailing everything in his research.
Just a heads up, if you buy something through our links, we may get a small share of the sale. It’s one of the ways we keep the lights on here. Click here for more.