Researcher Matt Kunze discovered a bug in Google Home smart speaker that allowed a backdoor account for hackers to spy on users using the Google Home app.
The account could be used to control the smart speaker providing access to the microphone feed and other remote features, according to Bleeping Computer report.
Also read: How to set Google Maps as the default app on iPhone
The researcher received $1,07,500 from Google last year for discovering this vulnerability. According to Bleeping Computer, Kunze published technical details of the findings earlier this week.
The rouge or backdoor account uses cloud API (application programming interface) to send commands to the smart speaker. The API allows multiple computer programs to communicate.
As per reports, the hacker can request Google’s server to link the spear using device information, certificate, and cloud ID.
Also read: How to use YouTube’s Queue feature
The researcher discovered the issue in January 2021 and shared details in March 2021. According to reports, the tech giant fixed the issues in April 2021.
Comments
COMMENT NOW
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.