Kunze received $107,500 from Google for discovering this vulnerability which turned the Google Nest Mini from a smart speaker into a device able to snoop on the user’s conversations and more. The rogue account can be used to control the smart speaker by sending it commands remotely via the cloud API (application programming interface). The API allows two or more computer programs to communicate.
The researcher was able to make this happen by creating a malicious routine that included the “call [phone number]” command. This activated the microphone at a specified time, calling the attacker’s phone (as we mentioned in the above paragraph) allowing him to listen in via the microphone on the smart speaker. Kunze recorded a video showing how the Nest Mini’s microphone can send conversations to a smartphone, which in this case would be in the possession of the bad actor.
The issue was discovered by Kunze in January 2021 and Google fixed it in April 2021. Anyone running the latest firmware should not be concerned with this issue.
Conclusion: So above is the Google smart speaker can be used by attacker to listen in to your private convos article. Hopefully with this article you can help you in life, always follow and read our good articles on the website: Megusta.info