Shulou(Shulou.com)11/24 Report--

CTOnews.com, Dec. 30 (Xinhua)-- Security researcher Matt Kunze reported serious vulnerabilities in Google Home to Google last year and recently received a hefty reward of $107500 (about 749000 yuan) from Google.

CTOnews.com learned that a vulnerability has been discovered on Google Home smart audio devices that allows attackers to install backdoor accounts for remote control and activate microphones to monitor user conversations. Kuntz disclosed all the technical details of the vulnerability and how to exploit it earlier this week.

Kuntz scanned the Nmap and found the port of Google Home's local HTTP API. So he sets up a proxy to capture encrypted HTTPS traffic, hoping to hijack the user's authorization token.

The researchers found that adding a new user to the target device requires two steps, requiring the device name, certificate, and a "cloud ID" from its local API. With this information, they can send link requests to Google servers.

More worryingly, the researchers found a way to abuse the "call [phone number]" command by adding it to a malicious routine that activates the microphone at a specified time, calls the attacker's number, and sends a real-time microphone feed.

Kuntz identified these issues in January 2021 and sent more details and PoC in March 2021. Google fixed all the problems in April 2021.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.