Your headphones may be tracking you – how a Google Fast Pair exploit lets hackers spy in seconds

Update your devices now

News By Alex Blake published 16 January 2026

(Image credit: Generated with Adobe Firefly AI) Share Share by:

• Copy link
• Facebook
• X
• Whatsapp
• Reddit
• Pinterest
• Flipboard
• Threads

Share this article 0 Join the conversation Follow us Add us as a preferred source on Google

• Attackers can hack your speaker’s microphones and track your location
• The vulnerability is found in Google’s Fast Pair feature
• Researchers say the flaw could affect millions of devices

Google’s Fast Pair feature is meant to let you connect your headphones and speakers to your Android or ChromeOS device with just one tap. Yet now it seems that the price of that convenience is a security vulnerability that could leave millions of devices open to hackers and eavesdroppers.

That startling discovery was made by security researchers at Belgium’s KU Leuven University Computer Security and Industrial Cryptography group (via Wired), who are dubbing the collection of vulnerabilities WhisperPair.

There, an investigation found that 17 major headphone and speaker models could be accessed by hackers just as easily as regular users. The devices are made by companies across the industry, including Google, Jabra, JBL, Logitech, Marshall, Nothing, OnePlus, Sony, Soundcore and Xiaomi.

In practice, an intruder could potentially gain power over your device’s microphone and speakers or even track your location. That would allow them to play their own audio into your earphones or silently switch on your microphones and eavesdrop on your conversations.

If the target device is compatible with Google’s Find Hub location tracking system, they could follow you in the real world. And as scary as that sounds, it’s not even the first time that Find Hub has been broken into by dangerous hackers.

Worse, this can even be done if the victim’s device runs iOS and the target has never used a Google product before. If your device has never been connected to a Google account – which might be the case if you’re an iPhone user – a hacker could not only snoop on it but also pair it to their own Google account.

That’s because Google’s system identifies the first Android device that connects to target speakers or headphones as the owner, a weakness that would let a hacker track your location in their own Find Hub app.

Get daily insight, inspiration and deals in your inbox

Sign up for breaking news, reviews, opinion, top tech deals, and more.

Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsors