The Internet of Things (IoT) also has its share of vulnerabilities. in a article Titled “Turning Google Smart Speakers Into Listening Devices for $100,000,” cybersecurity researcher Matt Kunz explains how he managed to infiltrate a smart speaker from Google Home in order to turn it into a real listening device. to spy. A demo passed on by our colleagues from Computer.
Exploit device API
After discovering the vulnerability in the Google Home Mini’s firmware, Matt Kunz reported the bug to Google. A good deed is rewarded Bug bonus for the modest sum of $107,500 by the American giant. It was discovered at the beginning of 2021, and since then the bug has been fixed by the developers.
The vulnerability discovered by Matt allowed a third-party Google account to be associated with the Home Mini speaker and fully exploit the device’s functionality. To carry out the attack, the researcher disconnected the Google Home from the host’s wifi using a Deauthentication attack (denial-of-service attack within wifi). Once you disconnect from the network, the device then goes into configuration mode and creates the wireless wifi network itself, without a password.
The finder then takes the opportunity to retrieve the device information (name, certificate, and cloud identifier) through the use of the internal API (web server) of the Google Home. Once the credentials have been retrieved, along with the name, cloud ID, and certificate, the researcher can link their Google account to the smart magnifier.
Listen to Google Home remotely
By linking their Google account to the device, the searcher is able to exploit a large number of malicious actions. It can, in particular, control smart keys, make purchases on the Internet (if the service is configured) or … spy on conversations. To manage listening to the audio stream from the speaker’s microphone, the researcher found a way to shift the Google Home call function (via a Google Home routine) in order to hear sounds near the device in real time. The only indication of this malicious eavesdropping: the device’s LED lights up blue. Details that many potential victims cannot identify.
In his presentation, Matt Kunz reveals the many other malicious possibilities that this vulnerability offers. It will also be possible to apply permanent modifications within the system, after restarting the latter. The researcher made it available on githubFor educational purposes, some of the Python scripts used in this attack.
The researcher discovered vulnerabilities in the Google Home Mini system in January 2021 and immediately sent the information to Google. I tested everything on a Google Home Mini, but I assume these attacks worked similarly on other Google smart speaker models., locates the researcher on his site. The patch was posted quickly, in April of the same year. At present, the system will no longer allow the Google account to be added with this technology, and the device connection function has been locked.
:format(url)/cloudfront-us-east-1.images.arcpublishing.com/lescoopsdelinformation/Y7FJAXCBW5BH5FNDJNZZZZEXSA.jpg)
