{"id":208642,"date":"2023-01-01T10:43:35","date_gmt":"2023-01-01T09:43:35","guid":{"rendered":"http:\/\/sftarticles.wpenginepowered.com\/en\/?p=208642"},"modified":"2025-07-01T20:13:04","modified_gmt":"2025-07-02T03:13:04","slug":"google-home-speakers-hackers-spied","status":"publish","type":"post","link":"https:\/\/cms-articles.softonic.io\/en\/google-home-speakers-hackers-spied\/","title":{"rendered":"Google Home Speakers Allowed Hackers to Spy on You"},"content":{"rendered":"\n<p>One of our biggest fears when using the internet is that someone could access our private information or listen to everything that we\u2019re saying. Recently Mark Kunze, a security researcher, discovered that your <strong><a href=\"https:\/\/chromecast.en.softonic.com\/\" target=\"_blank\" rel=\"noreferrer noopener\" title=\"Google Home\">Google Home<\/a> speakers<\/strong> could be posing such a threat by <strong>acting as a bug.<\/strong>\u00a0<\/p>\n\n\n\n<p>Kunze\u2019s discovery got him a sum of $107 500 from Google. Stay with us and discover what this technical issue could mean for the security of your internet and Google home speaker. According to his <a href=\"https:\/\/downrightnifty.me\/blog\/2022\/12\/26\/hacking-google-home.html\" target=\"_blank\" rel=\"noreferrer noopener\" title=\"technical summary\">technical summary<\/a>, this means that an <strong>attacker can install a \u2018backdoor account&#8217; <\/strong>on your Google home speaker as long as they&#8217;re within wireless proximity.\u00a0<\/p>\n\n\n\n<p>While Khunze was doing his research using his mini Google Home speaker, he discovered the following:\u00a0<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>If a backdoor account is installed: it can be used to control your device by sending remote commands.\u00a0 This means your device can be turned into a spying device by accessing its microphone feed.\u00a0<\/li><li>A snooper could also access a victim&#8217;s Wi-Fi password and other devices on a similar network. With the victim&#8217;s device, the attacker could call a specific phone number and mess with the device&#8217;s volume<\/li><li>Using the Nmap scan, Kunze found the port for the local HTTP API of Google home. This helped to set up a proxy to capture any encrypted HTTPS traffic with the hope of snatching the authorization token.\u00a0<\/li><\/ul>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"305\" height=\"165\" src=\"https:\/\/articles-img.sftcdn.net\/sft\/articles\/auto-mapping-folder\/sites\/3\/2023\/01\/Google-Home-Speakers-2.jpg\" alt=\"Google Home Speakers 2\" class=\"wp-image-208646\" srcset=\"https:\/\/articles-img.sftcdn.net\/auto-mapping-folder\/sites\/3\/2023\/01\/Google-Home-Speakers-2.jpg 305w, https:\/\/articles-img.sftcdn.net\/auto-mapping-folder\/sites\/3\/2023\/01\/Google-Home-Speakers-2-300x162.jpg 300w, https:\/\/articles-img.sftcdn.net\/auto-mapping-folder\/sites\/3\/2023\/01\/Google-Home-Speakers-2-18x10.jpg 18w, https:\/\/articles-img.sftcdn.net\/auto-mapping-folder\/sites\/3\/2023\/01\/Google-Home-Speakers-2-150x81.jpg 150w\" sizes=\"auto, (max-width: 305px) 100vw, 305px\" \/><\/figure><\/div>\n\n\n\n<p>The researcher Kunze says the only thing that alerts the victim is the blue LED light on the device that turns solid blue when the speaker is on call. If the victim isn\u2019t familiar with this, they are likely to think the device is <strong>updating or performing<\/strong> another important task.\u00a0<\/p>\n\n\n\n<p>Another piece of great news is that there is no evidence of this security loophole being misused by anyone. All thanks to Kunze and his amazing research skills. He also has a detailed report on the research work done if you need to know more.&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>One of our biggest fears when using the internet is that someone could access our private information or listen to everything that we\u2019re saying. Recently Mark Kunze, a security researcher, discovered that your Google Home speakers could be posing such a threat by acting as a bug.\u00a0 Kunze\u2019s discovery got him a sum of $107 &hellip; <a href=\"https:\/\/cms-articles.softonic.io\/en\/google-home-speakers-hackers-spied\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Google Home Speakers Allowed Hackers to Spy on You&#8221;<\/span><\/a><\/p>\n","protected":false},"author":9205,"featured_media":208644,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wpcf-pageviews":0},"categories":[1015],"tags":[1068],"usertag":[],"vertical":[],"content-category":[],"class_list":["post-208642","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-google"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/208642","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/users\/9205"}],"replies":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/comments?post=208642"}],"version-history":[{"count":1,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/208642\/revisions"}],"predecessor-version":[{"id":322686,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/208642\/revisions\/322686"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media\/208644"}],"wp:attachment":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media?parent=208642"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/categories?post=208642"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/tags?post=208642"},{"taxonomy":"usertag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/usertag?post=208642"},{"taxonomy":"vertical","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/vertical?post=208642"},{"taxonomy":"content-category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/content-category?post=208642"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}