Wow, now this is interesting. A trivial virus leveraging functions largely from other software evades detection by antivirus software, and is very difficult to detect in its own right. The spreading is very successful for this reason.
10`90110/https://arstechnica.com/information-technology/2019/02/hard-to-detect-credential-theft-malware-has-infected-1200-and-is-still-going/
Google admits that the Google Nest’s technical specifications should have stated that it contains a microphone, but the original ones didn’t. That was an “error” on their part. Nevertheless, in the modern era of consumer privacy suspicion, this is a very eyebrow-raising error. Not to mention the product development and release standards that led up to this error… “higher-level” software developers are well-known for littering their software with many more bugs than microcontroller firmware engineers, so it comes as no surprise that the hardware’s documented specifications showcased this same level of inaccuracy.
20190220/https://www.businessinsider.com/nest-microphone-was-never-supposed-to-be-a-secret-2019-2
Beyond smart thermostats, Google also has a similar Internet of Things suite of smoke detectors, security cameras, and camera doorbells. Of course, be forewarned that they are not meant to undergo the same rigor of traditional embedded device development for these gadgets, or even the same level of mere simplicity.