Android apps can conspire to mine information from your smartphone
Researchers at Ben-Gurion University of the
Negev (BGU) have demonstrated malware that can turn computers into
perpetual eavesdropping devices, even without a microphone.
In the new paper, "SPEAKE(a)R: Turn Speakers to Microphones for Fun
and Profit," the researchers explain and demonstrate how most PCs and
laptops today are susceptible to this type of attack. Using SPEAKE(a)R,
malware that can covertly transform headphones into a pair of
microphones, they show how commonly used technology can be exploited.
"The fact that headphones, earphones and speakers are physically
built like microphones and that an audio port's role in the PC can be
reprogrammed from output to input creates a vulnerability that can be
abused by hackers," says Prof. Yuval Elovici, director of the BGU Cyber
Security Research Center (CSRC) and member of BGU's Department of
Information Systems Engineering.
"This is the reason people like Facebook Chairman and Chief Executive
Officer Mark Zuckerberg tape up their mic and webcam," says Mordechai
Guri, lead researcher and head of Research and Development at the CSRC.
"You might tape the mic, but would be unlikely to tape the headphones or
speakers."
A typical computer chassis contains a number of audio jacks, either
in the front panel, rear panel or both. Each jack is used either for
input (line-in), or for output (line-out). The audio chipsets in modern
motherboards and sound cards include an option for changing the function
of an audio port with software -a type of audio port programming
referred to as jack retasking or jack remapping.
Malware can stealthily reconfigure the headphone jack from a line-out
jack to a microphone jack, making the connected headphones function as a
pair of recording microphones and turning the computer into an
eavesdropping device. This works even when the computer doesn't have a
connected microphone, as demonstrated in the SPEAKE(a)R video.
The BGU researchers studied several attack scenarios to evaluate the
signal quality of simple off-the-shelf headphones. "We demonstrated is
possible to acquire intelligible audio through earphones up to several
meters away," said Dr. Yosef Solewicz, an acoustic researcher at the BGU
CSRC.
Potential software countermeasures include completely disabling audio
hardware, using an HD audio driver to alert users when microphones are
being accessed, and developing and enforcing a strict rejacking policy
within the industry. Anti-malware and intrusion detection systems could
also be developed to monitor and detect unauthorized speaker-to-mic
retasking operations and block them.
No comments: