By B.N. Frank
Over the years, countless experts have warned about cybersecurity risks with all “smart” technology as well as 5G. In regard to “smart” home devices, university researchers released additional warnings about them last month. More recently, a researcher revealed disquieting information specifically for Google Home speaker users.
Researcher Reveals Google Home Speakers Could’ve Been Hijacked And Turned Into Wiretaps
by Tyler Durden
Security researcher Matt Kunze revealed a serious vulnerability in Google smart home speakers that could’ve enabled threat actors to gain remote access over the devices.
Kunze was experimenting with his own Google Home speaker in early 2021 when he found a hacker could install a ‘backdoor’ account on the device over the web. He detailed the security flaw at length on his blog, indicating someone could send commands to the speaker remotely, access its microphone, scrape Wi-Fi passwords, and access other devices on the network.
He said the hacker would have to trick the target or victim into installing a malicious Android app, which allowed the attacker’s account to connect with the smart speaker. Once the hacker was in, the microphone in the Google Home speaker would be easily accessible to snoop on conversations.
The victim would be clueless about the hack. Kunze said, “the only thing they might notice is that the device’s LEDs turn solid blue, but they’d probably just assume it’s updating the firmware or something.”
He reported the security flaw to Google in early 2021, and a patch was provided to all devices in April of the same year. The tech giant rewarded him with more than $100,000 for his efforts.
“I was recently rewarded a total of $107,500 by Google for responsibly disclosing security issues in the Google Home smart speaker that allowed an attacker within wireless proximity to install a “backdoor” account on the device, enabling them to send commands to it remotely over the internet, access its microphone feed, and make arbitrary HTTP requests within the victim’s LAN (which could potentially expose the Wi-Fi password or provide the attacker direct access to the victim’s other devices). These issues have since been fixed,” he wrote on his blog.
“It’s worth noting that Google Home was released in 2016, scheduled routines were added in 2018, and the Local Home SDK was introduced in 2020, so an attacker finding the issue before April 2021 would have had plenty of time to take advantage,” Tech blog Bleeping Computer pointed out.
Activist Post is Google-Free
Support us for just $1 per month at Patreon or SubscribeStar
Of course, “smart” devices also emit harmful electromagnetic and wireless radiation and manufacturers are required to provide warnings about exposure risks to users. In fact, last year, a U.S. federal court ruled in favor of organizations and petitioners that sued the Federal Communications Commission (FCC) for NOT adequately protecting Americans from wireless radiation exposure (including 5G). Non-profit groups have also petitioned the U.S. Health and Human Services Department (HHS) and Food and Drug Administration (FDA) to declare wireless radiation an “imminent” health hazard and to start warning the public. Got pets? Exposure is bad for their health too!
Activist Post reports regularly about privacy invasive and unsafe technology. For more information, visit our archives and the following websites:
Become a Patron!
Or support us at SubscribeStar
Donate cryptocurrency HERE
Subscribe to Activist Post for truth, peace, and freedom news. Follow us on SoMee, Telegram, HIVE, Flote, Minds, MeWe, Twitter, Gab, What Really Happened and GETTR.
Provide, Protect and Profit from what’s coming! Get a free issue of Counter Markets today.
Be the first to comment on "Got Google Smart Home Speakers? Researcher Reveals How Hackers Can “snoop on conversations”"