Home News Smartphone’s microphone used for launching Acoustic side-channel attack: Researchers

Smartphone’s microphone used for launching Acoustic side-channel attack: Researchers

Ultrasonic Waves Used to Launch Surfing Attacks on Smartphones

With technology advancing day by day, the cyber-attackers too are finding innovative ways to get into our devices.  Researchers have discovered that hackers can use the microphone on the smartphone to steal the phone password and gain access to the device’s data.

Academic researchers from England and Sweden designed a malware that can exploit the smartphone’s microphone to steal the device’s passwords and codes. In their report, Hearing your touch: A new acoustic side-channel on smartphones, the researchers claimed that they’ve found the first Acoustic side-channel attack that presents what users type on their touch-screen devices.

The malware is created to figure out the PIN code and password to your phone or tablet by simply hearing your keystrokes, according to the researchers.

“We found the device’s microphone(s) can recover this wave and ‘hear’ the finger’s touch, and the wave’s distortions are characteristic of the tap’s location on the screen,” the researchers said in the report. The researchers performed the attack trail by monitoring 45 participants with Android smartphones are were able to recover 61% of 200 PINs on the devices within 20 tries.

Many of the recent surveys discovered the unknown vulnerabilities in the smart devices that we use often. Recently, a security researcher revealed that hackers can exploit smart home appliances like coffee machines and TVs to steal people’s sensitive information. According to Vince Steckler, Chief Executive at security firm Avast, the Internet-connected devices used in the home, like laptops, mobile phones, and other smart gadgets, aren’t secure as they allow hackers to use them to get hold of bank details and other personal information.

Steckler stated that cybercriminals can make use of potential vulnerabilities in the Internet of Things (IoT) devices and compromise them to steal their owner’s sensitive details.

“Coffee machines are not designed for security. TVs are not designed for security. What they are is additional vectors to get into your network. And you can’t protect them,” Steckler said in a media statement.

Also, a cybersecurity expert Yossi Atias took the stage at Mobile World Congress to demonstrate a live hack of the Amazon Ring video doorbell, exposing a previously unknown vulnerability in the popular IoT device. The hack revealed unencrypted transmission of audio and/or video footage to the Ring application allows for arbitrary surveillance and injection of counterfeit video traffic, effectively compromising home security and putting family members’ safety at risk.

Earlier in 2018, a research from cybersecurity solutions provider Check Point revealed how organizations and individuals are vulnerable to hacking through their fax machines. The researchers at Check Point stated that fax machines have security vulnerabilities which could possibly allow a hacker to steal data through a company’s network using just a phone line and a fax number. The researchers also showed how they were able to exploit security flaws in a Hewlett Packard all-in-one printer. The findings were presented by Check Point’s researchers Yaniv Balmas and Eyal Itkin at DEFCON 26.