The technique was demonstrated this week by researchers at Israel’s Ben Gurion University (BGU). The proof-of-concept exploit enables headphones connected to a computer to be repurposed as a microphone. They can then be used to surreptitiously record conversations, enabling attackers to snoop on you without your knowledge.
Headphones, earphones and other forms of speaker can be transformed into microphones with relative ease. They all use the same fundamental technology. When you connect headphones to your PC, using one of the audio jacks, the sound card detects it as a pair of headphones. However, it’s possible to change each port’s function using software, allowing you to change your headphone jack into a mic port or vice versa.
Malware is able to do likewise, assigning the headphone jack the role of a mic input on-the-fly. This leaves the headphones operating as a pair of microphones, allowing an attacker to listen in on conversations around the computer. In an audio test, the researchers found the quality of the collected sound is on par with most basic desktop microphones.
“The fact that headphones, earphones and speakers are physically built like microphones and that an audio port’s role in the PC can be reprogrammed from output to input creates a vulnerability that can be abused by hackers,” said Prof. Yuval Elovici, director of the BGU Cyber Security Research Center (CSRC) and a member of BGU’s Department of Information Systems Engineering.
“We demonstrated is possible to acquire intelligible audio through earphones up to several meters away,” added Dr. Yosef Solewicz, an acoustic researcher at the BGU CSRC.
At present, there is no reliable way to defend against this kind of attack. It is possible to install software that alerts you when a microphone is being used, although the malware that triggers the port change could subvert this kind of program.
The only certain way to avoid the snooping is to unplug your headphones after use. Most PC users won’t even consider their headphones as a potential threat while carrying out a security audit, leaving them plugged in for convenience.
Attackers could use this fact to readily snoop on conversations with comparative ease. While there’s currently no suggestion the attack is being used in the wild, it’s possible hackers or governments could use the technique to target certain individuals in the future.
