Tag Archive for: eavesdrop

Can the New EarSpy Hack Eavesdrop on Your Phone Conversations Through Vibrations?

/in


Eavesdropping on Phone Conversations Just Got Easier.

Eavesdropping on Phone Conversations Just Got Easier. (Representational image)

Photo : iStock

Mobile security is a constantly evolving field, with new vulnerabilities constantly emerging. Imagine mobile security as a highway: just as new potholes can form on a highway every day, new vulnerabilities can appear in mobile security. The effectiveness of mobile security also depends on users taking care to protect their devices and avoid compromise, much like how the smoothness of a drive on a highway depends on drivers taking care to avoid accidents.
A group of researchers from several reputable American universities have recently developed a new attack method called EarSpy, which is designed to capture what users say through their phone’s speaker by analyzing vibrations caused by the user’s voice.

This attack can even work when the phone is held up to the ear, and was found to be very effective at identifying the gender of the speaker and the words spoken when tested on newer models of the OnePlus phone. In one particular set of tests using the OnePlus 7T, EarSpy was able to correctly identify the gender of the speaker in 98.66% of samples.

Across multiple phones, sample sets, and analysis models, gender recognition was fairly accurate, with the lowest reading being 65.53%. EarSpy was also able to detect the speaker’s identity with a top accuracy rate of 91.24%, nearly three times better than a random guess.

However, the accuracy of EarSpy in understanding the exact words spoken was lower. When tested using samples of actors reciting a sequence of digits, the best performer achieved a hit rate of only 56%. Despite this lower accuracy, the researchers noted that this is still five times more accurate than making a random guess.

The authors of the research paper also pointed out that while the impact of speakerphone vibrations on raw accelerometer data is relatively low and algorithmic word detection using this data is spotty, adversaries using the EarSpy attack can still determine key components of the conversation, such as who is speaking and what is being spoken about. In theory, EarSpy could be leveraged by malware that has infiltrated a device to relay accelerometer data back to the…

Source…

Security researchers show how to eavesdrop on mobile phone calls by measuring the ear speaker’s tiny vibrations

/in


While it’s possible that malware on your smartphone could record your calls, it’s an increasingly difficult technical proposition. Instead, researchers from Texas A&M University and colleagues have demonstrated that it’s possible to eavesdrop on phone calls by measuring the tiny vibrations of the ear speaker using a phone’s built-in accelerometers and then decoding that data remotely to determine what was said. They call the method EarSpy. From Security Week:

They conducted tests on the OnePlus 7T and the OnePlus 9 smartphones — both running Android — and found that significantly more data can be captured by the accelerometer from the ear speaker due to the stereo speakers present in these newer models compared to the older model OnePlus phones, which did not have stereo speakers.

The experiments conducted by the academic researchers analyzed the reverberation effect of ear speakers on the accelerometer by extracting time-frequency domain features and spectrograms. The analysis focused on gender recognition, speaker recognition, and speech recognition[…]

When it comes to actual speech, the accuracy was up to 56% for capturing digits spoken in a phone call.

EarSpy: Spying Caller Speech and Identity through Tiny Vibrations of Smartphone Ear Speakers(arXiv)

Source…

Cisco rolls out fix for Webex flaws that let hackers eavesdrop on meetings

/in


Promotional image for video-conferencing software.

Cisco is rolling out fixes for three vulnerabilities in its Webex video-conference software that made it possible for interlopers to eavesdrop on meetings as a “ghost,” meaning being able to view, listen, and more without being seen by the organizer or any of the attendees.

The vulnerabilities were discovered by IBM Research and the IBM’s Office of the CISO, which analyzed Webex because it’s the company’s primary tool for remote meetings. The discovery comes as work-from-home routines have driven a more than fivefold increase in the use of Webex between February and June. At its peak, Webex hosted up to 4 million meetings in a single day.

The vulnerabilities made it possible for an attacker to:

  • Join a meeting as a ghost, in most cases with full access to audio, video, chat, and screen-sharing capabilities
  • Maintain an audio feed as a ghost even after being expelled by the meeting leader
  • Access full names, email addresses, and IP addresses of meeting attendees, even when not admitted to a conference room.

Cisco is in the process of rolling out a fix now for the vulnerabilities, which are tracked as CVE-2020-3441, CVE-2020-3471, and CVE-2020-3419. Below is a video demonstration and deeper explanation:

IBM Works with Cisco to Exorcise Ghosts from Webex Meetings.

Manipulating the handshake

Attacks work by exploiting the virtual handshake that Webex uses to establish a connection between meeting participants. The process works when an end user and server exchange join messages that include information about the attendees, the end-user application, meeting ID, and meeting-room details. In the process, Webex establishes a WebSocket connection between the user and the server.

“By manipulating some of the key fields about an attendee sent over a WebSocket when joining a meeting, the team was able to inject the carefully crafted values that allow someone to join as a ghost attendee,” IBM researchers wrote in a post published on Wednesday. “This worked because of improper handling of the values by the server and other participants’ client applications. For example,…

Source…

Spies can eavesdrop by watching a light bulb’s variations

/in
Spies can eavesdrop by watching a light bulb’s variations

Enlarge (credit: Michael Blann | Getty Images)

The list of sophisticated eavesdropping techniques has grown steadily over years: wiretaps, hacked phones, bugs in the wall—even bouncing lasers off of a building’s glass to pick up conversations inside. Now add another tool for audio spies: Any light bulb in a room that might be visible from a window.

Researchers from Israeli’s Ben-Gurion University of the Negev and the Weizmann Institute of Science today revealed a new technique for long-distance eavesdropping they call “lamphone.” They say it allows anyone with a laptop and less than a thousand dollars of equipment—just a telescope and a $ 400 electro-optical sensor—to listen in on any sounds in a room that’s hundreds of feet away in real-time, simply by observing the minuscule vibrations those sounds create on the glass surface of a light bulb inside. By measuring the tiny changes in light output from the bulb that those vibrations cause, the researchers show that a spy can pick up sound clearly enough to discern the contents of conversations or even recognize a piece of music.

“Any sound in the room can be recovered from the room with no requirement to hack anything and no device in the room,” says Ben Nassi, a security researcher at Ben-Gurion who developed the technique with fellow researchers Yaron Pirutin and Boris Zadov, and who plans to present their findings at the Black Hat security conference in August. “You just need line of sight to a hanging bulb, and this is it.”

Read 10 remaining paragraphs | Comments

Biz & IT – Ars Technica