Security researchers have demonstrated a method to remotely control smart homes by manipulating a calendar invitation to exploit Google's AI Gemini. This technique, showcased at the Black Hat conference, highlights vulnerabilities in smart home systems and has prompted Google to implement protective updates.
Researchers Hack Smart Homes Using Google's AI Gemini
Researchers Hack Smart Homes Using Google's AI Gemini
Security researchers have shown that a manipulated calendar invitation can be enough to remotely access a smart home. Blinds were raised, lights were turned off, and a water heater was activated.
The researchers call the method they used to hack Google's AI Gemini "Promptware." By using something as trivial as a calendar invitation, the researchers managed to trick Google into controlling a smart home remotely, reports ARS Technica.
The invitation contained a description that was actually a set of smart home instructions activated when the recipient asked Google's AI Gemini to summarize it. The result was that blinds were raised, lights were turned off, and a water heater was activated.
The method succeeded in bypassing Google's security barriers because the embedded commands were linked to completely normal interaction with Gemini.
Demonstrated at Conference
The method was demonstrated by security researchers at the Black Hat security conference. However, the researchers informed Google about the method last winter and have also helped Google find ways to stop this type of attack.
In June, Google implemented updates with protective mechanisms to stop the attack method. However, it is also a clear reminder of how vulnerable smart homes can be.