Spying On Mobile Phone Calls

Uploaded on 2023-01-09 in FREE TO VIEW, BUSINESS-Services-IT & Telecoms

As smartphone manufacturers improve the quality of earbuds ear speakers in their devices, it has become easier for malicious actors to leverage secretly listen in on a targeted user’s telephone conversations. 

Now, a team of university researchers have identified a new attack method they have named EarSpy to leverage side-channels for eavesdropping on user’s phone communications. 

Eavesdropping on smartphones is an established threat to the user’s safety and privacy and recent studies show that loudspeaker reverberation can inject speech into motion sensor readings and consequent loss of privacy.

The technique was described by researchers in a paper published in December in collaboration between researchers from several universities, including Texas A&M University, Temple University, New Jersey Institute of Technology, Rutgers University, and the University of Dayton. According to the research, smartphone manufacturers’ efforts to improve ear speakers in their devices has led to new vulnerabilities.

EarSpy relies on the phone’s ear speaker and consists of capturing the tiny vibrations that are generated by the speaker. An attacker could then use this data to determine what the user is saying.

An attacker might also seek to install malware on a target’s phone to record calls via the microphone, however, as security continues to improve, this attack method has become increasingly difficult, although malware planted on a device could use the EarSpy attack to capture potentially sensitive information and send it back to the attacker.

Arxiv:    Cyware:    Oodaloop:     Security Week:    GoIncognito:     Android Headlines:   BoingBoing

You Might Also Read: 

Mercenary Hacking Group Selling Spyware:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Cybersecurity: Prepare For The Year Ahead
British Spy Chief Says War In Ukraine Is Changing Intelligence Gathering »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Celestix Networks

Celestix Networks

Celestix is a global provider of secure network solutions that enable the simple deployment of secure remote access connectivity.

AON

AON

Aon is a leading global provider of risk management (including cyber), insurance and reinsurance brokerage, human resources solutions and outsourcing services.

Digital Defense Inc (DDI)

Digital Defense Inc (DDI)

DDI offers vulnerability scanning, penetration testing, web application testing, social engineering and additional security assessments.

Openminded (OPMD)

Openminded (OPMD)

Openminded is a French security and network services company.

Haltdos

Haltdos

Haltdos is an AI driven website protection service that secures websites against today's cyber threats.

Tempered Networks

Tempered Networks

Tempered Networks delivers the first purpose-built platform for IIoT cybersecurity that allows customers to connect and secure devices in minutes without the need for specialized skills.

Dubai Electronic Security Center (DESC)

Dubai Electronic Security Center (DESC)

Dubai Electronic Security Center (DESC) was founded to develop and implement information security practices in Dubai.

NETAS

NETAS

Netas offers solutions in information and communication technologies including end-to-end value added solutions, system integration and technology services to providers and corporations.

Valire Software

Valire Software

Valire provide a solution for the automated detection of internal fraud.

CYDES

CYDES

CYDES is the first event in Malaysia to showcase advanced solutions and technologies to address cyber defence and cyber security challenges for the public and private sectors.

Cutting Edge Technologies (CE Tech)

Cutting Edge Technologies (CE Tech)

CE Tech is a Next Generation Technology Partner providing advanced technology infrastructure solutions through partnerships with leading technology providers.

Neosec

Neosec

We’re reinventing API security. Understanding behavior requires data, analytics, and intelligence. Neosec brings XDR techniques to application security.

Transatlantic Cyber Security Business Network

Transatlantic Cyber Security Business Network

The Transatlantic Cyber Security Business Network is a coalition of UK and US cyber security companies which facilitates collaboration to help address critical cyber security challenges.

Wattlecorp Cybersecurity Labs

Wattlecorp Cybersecurity Labs

Wattlecorp Cybersecurity Labs are a group of IT security specialists, ethical hackers, and researchers driven to identify security flaws before cyber threat actors does.

DataPatrol

DataPatrol

DataPatrol is a software company, specialized in providing Security and Privacy of company’s data and information in an evolved way.

EGUARDIAN

EGUARDIAN

EGUARDIAN serves as a Value-Added Distributor and technology enabler in the APAC region with the aim of further expanding globally and cater to the needs of the demands with the emerging technology.