all i can suggest is you start logging your nest’s connections.
either use nests own logging or use something like wireshark… (this will produce a lot of data over a day if left scanning. so be warned. 
Looking for what in particular?
For somone connected to the nests OS, who can inject audio, but only does it once/infrequently?
Or for the many servers it connects to, sending its feedback?
The earlier suggestion of checking an account history from the company sounded better- what was the box playing between 18:20 and 19:30 or whatever, and see if it lists some random audio file?
Or does the support, if the website does not do that?
source ips and with the aim to submit a ticket to the server hosts abuse team.
pulling data out of a pcap is a pain for sure. especially if you have no idea what your looking for.
but wireshark has tools for that too.
now this wont be easy.
but it is doable.
then if its a hacker you can use mail abuse@ what ever host they are on.
submit a ticket and have the ip blacklisted.
or at the very least block the ip with a firewall rule or redirect to 0.0.0.0
if it is a hack google will want to know about it.
so submitting a bug form might even get you a bounty. (check the bug bounty sites to see if nest has a program)
this kinda sounds like what happens in my household, except its not a security concern, its a stupid streaming site
tl;dr: if you ask your Google Home or Speaker to play media from TuneIn Radio, then you tell it to Stop Playing, it does not actually “stop”, instead it leaves the stream paused. Every ~30min, TuneIn Radio pushes through advertisements that have the side-effect of un-pausing any paused streams.
This has been really startling for us on many occasions. The usual situation is that gf will be elsewhere in the house listening to music, stops the music and we go do something else for a while, then some time later we are surprised to hear the Google Home suddenly speaking at us. It ends up being some advertisement.
I would be surprised if the report in the OP is not related to something similar to this.
1 Like