A new research project silently turns speakers and headphones into an eavesdropping mic.
Some computer users make a habit of putting a piece of tape on their web cam lens, just in case any hackers decided they wanted to eavesdrop. While the odds of a random hacker breaking into your computer to watch you may be unlikely, it is still a scary prospect, and the more cautious among us may be disheartened at hearing about a new research project out of Israel’s Ben Gurion University.
Researchers at the university have created a new proof-of-concept tool that they’re calling “Speake(a)r”. The software is meant to demonstrate how hackers could hijack a computer and record audio with it, even when the microphone has been disabled or removed. It does this by instead recording through heaphones or speakers. The physical characteristics of a microphone and speaker are quite similar. The tool re-purposes speakers and headphones, essentially by turning your audio jack into a microphone jack. Sound waves hitting the speakers’ membranes will then be turned into electromagnetic signals that record the audio.
The malware uses a feature of RealTek’s audio codec that can be used to switch the input and output channels on a computer’s sound board, and because RealTek chips are so common, almost every computer is vulnerable to the attack. Short of disabling both input and output channels, there is little that can be done currently to prevent it.
In their test, the researchers were able to use Speake(a)r to record audio from a pair of Sennheiser headphones. From six meters away, the headphones were able to clearly record a conversation, and the quality was good enough that after compression and being sent over the internet, a male voice could still be clearly understood.
“It’s very effective,” says Mordechai Guri, the research lead of Ben Gurion’s Cyber Security Research Labs. “Your headphones do make a good, quality microphone.” There is no simple way to fix the vulnerability with a software patch explains Guri, since the ability to switch channels is not a simple bug. Rather, it is a purpose-built feature that would require replacing the chip with an improved version to remove.
The full research paper detailing Speake(a)r and the experiments conducted with it, is available here.
Source: Ben-Gurion University