A flaw in Google Home smart speakers allowed an attacker to plant a backdoor account on the device, giving them remote control over it and access to the microphone feed, effectively turning the speaker into a spying device.
The issue was discovered by a researcher who received a $107,500 bug bounty after reporting it responsibly to Google last year. Earlier this week he published the technical details of his finding together with an attack scenario demonstrating how it could be exploited.
Compromise process
The researcher was experimenting with his own Google Home Mini speaker and found that new accounts added to it through the Google Home app could send commands to the device remotely via the cloud API.
He used Nmap to scan his local network for the port of Google Home's local HTTP API, then set up a proxy to capture the encrypted HTTPS traffic in the hope of extracting the authorization token.
Captured HTTPS (encrypted) traffic
(downrightnifty.me)
The researcher found that adding a new user to the target device is a two-step process that requires the device name, certificate and "cloud ID" from its local API. With that information, a link request can be sent to Google's servers.
He wrote a Python script to automate the exfiltration of the local device data and to reproduce the linking request, adding the rogue user to the target Google Home device.
The linking request that carries the device ID data
(downrightnifty.me)
This is the researcher’s summary of the attack:
- An attacker wants to monitor the victim wirelessly from the Google Home, but does not have their Wi-Fi password.
- An attacker finds the victim's Google Home by listening for MAC addresses with prefixes associated with Google Inc. (e.g. E4:F0:42).
- To disconnect the device’s network, an attacker sends out deauth packets. This causes it to enter setup mode.
- An attacker will connect to the device’s network and request information (name, certificate, cloud ID).
- An attacker uses the device information to connect to the Internet and link to the victim's account.
- An attacker may now monitor the victim’s Google Home online (no need for the victim to be near the device).
The researcher published three PoCs covering the actions above; they targeted the firmware that was current at the time of his research (the issues have since been patched, see below).
The PoCs go beyond planting a rogue user: they also allow spying on the microphone, making arbitrary HTTP requests on the victim's network, and reading and writing arbitrary files on the device.
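The first active step of the attack summary above is a deauthentication flood against a client whose MAC carries a Google OUI, which is also the step a defender on the same radio can observe. The Python detector below, an added example that is not the researcher's code and not Google's, flags such bursts in a simplified view of a monitor-mode capture. The frame records, the five-second window, the threshold of ten frames and the OUI list (only the E4:F0:42 prefix quoted above; extending it from the IEEE registry is an assumption, not something the page states) are constructed for illustration.

```python
"""Flag bursts of 802.11 deauthentication frames aimed at Google devices.

Added example for the attack summary above; this is not the researcher's
code and not Google's. Input frames are a constructed, simplified view of a
monitor-mode capture: (timestamp_seconds, subtype, source_mac, dest_mac).
Only the E4:F0:42 OUI named in the article is listed; extending GOOGLE_OUIS
from the IEEE registry for real use is an assumption, not from the page.
"""
from collections import defaultdict, deque

GOOGLE_OUIS = {"E4:F0:42"}                # prefix quoted in the attack summary
BROADCAST = "FF:FF:FF:FF:FF:FF"
DEAUTH, DISASSOC = "deauth", "disassoc"   # management subtypes 0x0C and 0x0A


def norm(mac):
    """Canonical upper-case, colon-separated MAC address."""
    return mac.upper().replace("-", ":")


def is_google_mac(mac):
    """True when the OUI (first three octets) is one assigned to Google."""
    return norm(mac)[:8] in GOOGLE_OUIS


def find_deauth_bursts(frames, window=5.0, threshold=10):
    """Return [(target, first_ts, count)] for each target that received at
    least `threshold` deauth/disassoc frames within any `window`-second span.

    A broadcast deauth hits every client, so it is keyed on the (spoofed)
    source address instead of the destination. One alert per target.
    """
    recent = defaultdict(deque)     # target -> timestamps inside the window
    alerts, alerted = [], set()
    for ts, subtype, src, dst in sorted(frames, key=lambda f: f[0]):
        if subtype not in (DEAUTH, DISASSOC):
            continue
        dst, src = norm(dst), norm(src)
        target = f"broadcast-from-{src}" if dst == BROADCAST else dst
        q = recent[target]
        q.append(ts)
        while ts - q[0] > window:   # slide the window forward
            q.popleft()
        if len(q) >= threshold and target not in alerted:
            alerted.add(target)
            alerts.append((target, q[0], len(q)))
    return alerts


def google_targets(frames, **kw):
    """MAC addresses of Google devices that were hit by a deauth burst."""
    return [t for t, _, _ in find_deauth_bursts(frames, **kw) if is_google_mac(t)]


def constructed_capture():
    """Constructed sample, not a real capture: 40 deauth frames in two seconds
    against a Google device (source forged as the AP), one ordinary deauth to
    a laptop, and some unrelated traffic."""
    ap, speaker, laptop = "00:11:22:33:44:55", "e4:f0:42:12:34:56", "AC:DE:48:00:11:22"
    frames = [(100.0 + i * 0.05, DEAUTH, ap, speaker) for i in range(40)]
    frames += [(100.5, "data", laptop, ap),
               (101.0, DEAUTH, ap, laptop),          # a normal single disconnect
               (103.0, "beacon", ap, BROADCAST)]
    return frames


if __name__ == "__main__":
    for target, first, count in find_deauth_bursts(constructed_capture()):
        flag = "GOOGLE DEVICE" if is_google_mac(target) else "other"
        print(f"deauth burst: {count} frames at {target} from t={first:.2f}s [{flag}]")
```

Deauth frames are forged with the access point's address as source, so the detector keys on the victim rather than the sender; a single deauth, as the laptop receives in the sample, is ordinary roaming noise and is not reported. This is a tripwire only: it tells you the setup-mode trick is being attempted, but it cannot stop it, which is why the account-linking fix described later in the article matters more than anything done on the radio side.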
Potential implications
Once a rogue account is linked to the target device, an attacker can perform actions through the Google Home speaker, including controlling smart switches, making online purchases, and remotely unlocking doors and vehicles.
Worse, the researcher found a way to abuse the "call" command by adding it to a malicious routine that activates the microphone at a specified time, calls the attacker's phone number, and streams the live microphone feed to them.
The malicious routine that captures mic audio
(downrightnifty.me)
During the call the device's LED turns blue, which is the only visible sign of activity; a victim who notices it may simply assume the device is updating its firmware. Regular microphone activation is indicated by a pulsating LED, which does not happen during calls.
It is also possible to play media on the device, force a reboot, make it forget saved Wi-Fi networks, and force new Bluetooth or Wi-Fi pairings.
Google fixes
The researcher discovered the issues in January 2021 and sent additional details in March 2021. Google fixed all of them in April 2021.
The patch adds an invite-based system for handling account links, which rejects link attempts that were not made through the Google Home app.
Deauthenticating a Google Home is still possible, but it can no longer be used to link a new account, and the local API that leaked the basic device information is no longer reachable.
Google also added a protection to stop the "call" command from being initiated remotely through routines.
Google Home launched in 2016, scheduled routines arrived in 2018, and the Local Home SDK followed in 2020, so an attacker who found these issues before April 2021 would have had ample time to exploit them.