Spying On Mobile Phone Calls
As smartphone manufacturers improve the quality of earbuds ear speakers in their devices, it has become easier for malicious actors to leverage secretly listen in on a targeted user’s telephone conversations.
Now, a team of university researchers have identified a new attack method they have named EarSpy to leverage side-channels for eavesdropping on user’s phone communications.
Eavesdropping on smartphones is an established threat to the user’s safety and privacy and recent studies show that loudspeaker reverberation can inject speech into motion sensor readings and consequent loss of privacy.
The technique was described by researchers in a paper published in December in collaboration between researchers from several universities, including Texas A&M University, Temple University, New Jersey Institute of Technology, Rutgers University, and the University of Dayton. According to the research, smartphone manufacturers’ efforts to improve ear speakers in their devices has led to new vulnerabilities.
EarSpy relies on the phone’s ear speaker and consists of capturing the tiny vibrations that are generated by the speaker. An attacker could then use this data to determine what the user is saying.
An attacker might also seek to install malware on a target’s phone to record calls via the microphone, however, as security continues to improve, this attack method has become increasingly difficult, although malware planted on a device could use the EarSpy attack to capture potentially sensitive information and send it back to the attacker.
Arxiv: Cyware: Oodaloop: Security Week: GoIncognito: Android Headlines: BoingBoing:
You Might Also Read:
Mercenary Hacking Group Selling Spyware:
If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.
- Individual £5 per month or £50 per year. Sign Up
- Multi-User, Corporate & Library Accounts Available on Request
- Inquires: Contact Cyber Security Intelligence
Cyber Security Intelligence: Captured Organised & Accessible