Demonstration of Privacy Stealing Attack via Smart Speakers
Abstract
Smart speakers have recently become mature and popular products. Because the voice assistant of a smart speaker is always listening for users' commands in order to provide services, it introduces security vulnerabilities. We find that the login password for root access to the UART ports of XIAOMI smart speakers is either not configured or configured according to a certain pattern that can be accessed using system commands. After logging in as root, we can inject malware into XIAOMI smart speakers to eavesdrop on conversations between the user and the voice assistant and perform a privacy stealing attack, even when users turn off the microphone. We demonstrate three attack scenarios: eavesdropping, spear phishing, and passive phishing. Finally, we propose mitigations against such attacks for both manufacturers and users.
Jian-Xian Li, Pei-Jing Sun, Jieh-Chian Wu, "Demonstration of Privacy Stealing Attack via Smart Speakers," Communications of the CCISA, vol. 26, no. 3, pp. 1-19, Aug. 2020.
Published by Chinese Cryptology and Information Security Association (CCISA), Taiwan, R.O.C
CCCISA Editorial Office, No.1, Sec. 1, Shennong Rd., Yilan City, Yilan County 260, Taiwan (R.O.C.)
E-mail: ccisa.editor@gmail.com