For identifying security issues with Google Home smart speakers, a security researcher recently received a bug bounty award of $107,500. It is possible to exploit these issues to install backdoors into the software and make it able to spy on you remotely.
A researcher, who uses the name Matt, said this week in a technical write-up published by the University of Washington that it has been discovered that the flaws could be exploited by attackers who are within a wireless range of the device by installing a ‘backdoor’ account on the device so that they could access the microphone feed of the device remotely, send commands remotely through the internet, and make arbitrary HTTP requests within the victim’s local area network, according to the researcher, Matt, who wrote a technical report published earlier this week.
This malicious request, coupled with an attempt to identify the Wi-Fi password, could not only expose the Wi-Fi password but could also allow the adversary direct access to other connected devices on the same network so that he could carry out further attacks. In April 2021, Google remediated the issues that had arisen as a result of their responsible disclosure on January 8, 2021.
This problem, to put it modestly, is related to how the software architecture of Google Home can be exp
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: