Israeli researchers from the Ben-Gurion University have reported a cyber attack scenario where malicious users can eavesdrop on users via their headphones.
Hackers Can Spy on Users via Headphones
Computer scientists from the Ben-Gurion University in Israel have devised a new attack scenario which can potentially be used by malicious users to eavesdrop on unsuspecting target users. The espionage infection is made by converting the headphones into a microphone which allows the hackers to record audio and spy on the victims.
Converting the headphones into an active microphone is not exactly a new strategy as it is used widely among gamers in LAN parties. However the security experts have used a new mechanism which uses the output channel of the audio card as input signal.
This is done using a malware program called Speak(a)r. It converts the vibrations in the air into electromagnetic signals. Thanks to a feature in the drivers of the Realtek audio codec chip it is possible to capture the audio and thus record the ambient noise which is around the victim’s headphones.
Realtek is one of the most popular vendors of chips which makes the majority of desktop users vulnerable to the attack. Unfortunately there is nothing that potential victims can do. The performed tests show that its possible to record audio from as far as 6 meters away. As the vulnerability is built into the Realtek chip no software patch can ammend the issue. The only possible mitigation strategy is to replace the audio card with another one which uses a different chip.
The researchers presented a demonstration where they used a pair of Sennheiser headphones. They were able to record audio from a distance of 6 meters and send the data in an compressed form over the Web.
The results are discussed in a research paper titled “SPEAKE(a)R: Turn Speakers to Microphones for Fun
It’s possible to manipulate the headphones (or earphones) connected to a computer,
silently turning them into a pair of eavesdropping microphones – with software alone.
The same is also true for some types of loudspeakers. This paper focuses on this threat
in a cyber-security context. We present SPEAKE(a)R, a software that can covertly turn
the headphones connected to a PC into a microphone. We present technical
background and explain why most of today’s PCs and laptops are susceptible to this
type of attack. We examine an attack scenario in which malware can use a computer
as an eavesdropping device, even when a microphone is not present, muted, taped
or turned off. We measure the signal quality and the effective distance, and survey
the defensive countermeasures.