Malware that can covertly transform headphones into a pair of microphones can turn your personal computer into an unremitting spying device, warn researchers.
Using the malware called SPEAKE(a)R, the researchers at Ben-Gurion University of the Negev (BGU) in Israel demonstrated how most PCs and laptops today are susceptible to this type of attack.
Researchers Mordechai Guri, Yosef Solewicz, Andrey Daidakulov, Yuval Elovici have also published a paper demonstrating its proof-of-concept software, SPEAKE(a)R. This software can covertly turn the headphones connected to a PC or laptop into a microphone. In their video, they demonstrate an attack scenario where the malware can use a computer as an eavesdropping device, even when the microphone is not present, muted, taped, or turned off.
Over-suspicious users often open up their laptops/PCs to remove the inbuilt microphone, or tape their web cameras to prevent their devices from being used to spy on them. However Guri explains, "People don't think about this privacy vulnerability. Even if you remove your computer's microphone, if you use headphones you can be recorded."
The report explains that the Ben Gurion researchers demonstrated this hack by using a RealTek audio codec chip feature to switch the PCs output channel as an input channel. The researchers further claim that these RealTek chips are extremely common and work on almost every computer out there - be it running on Windows or macOS. "This is the real vulnerability. It's what makes almost every computer today vulnerable to this type of attack," explains Guri.
Through the loophole, the researchers claim that hackers can record audio coming from as far as 20 feet away, and then compress it to make it easily shareable on the Internet. Many users are paranoid about their devices being hacked, and they take different measures to prevent it. For example, Facebook CEO Mark Zuckerberg tapes his web camera to prevent hackers from spying in through the lens.
However, its good to keep in mind that a simple quick fix won't eradicate this vulnerability. The researchers claim that replacing and redesigning the RealTek chip on all current and future computers is the only effective solution for now.
Source: Research Paper
Follow Me on Twitter>>>> @iamBhavish
And like us on Facebook>>> The Gud1
No comments:
Post a Comment