Google Home smart speakers were reportedly found to have a severe security vulnerability, potentially allowing hackers to spy on unsuspecting users.

A researcher reportedly discovered that a rogue account could be created using the Google Home App, which can then be used to get remote access to the smart speaker, including its microphone feed. The rogue account uses cloud API (application programming interface) to send commands to the smart speaker, allowing multiple computer programs to communicate.

The information needed to hack the intelligent device includes the speaker’s name, certificate, and cloud ID. The hacker can send a request to Google’s server to link the smart speaker using this information. Then it can be used to make online transactions, control smart appliances, and even unlock the front door.

The researcher discovered it by making a malicious routine that included a call command. This allowed him to activate the microphone in the smart speaker at a specified time. He even recorded a video showing how the Nest Mini’s microphone can send conversations to a smartphone. Upon discovering it, he received $1,07,500 from Google. However, this bug was discovered in early 2021 and Google fixed it in April 2021.