Rig used by researchers

Malware can alter local motherboard or sound card settings and turn your headphones or speakers into covert microphones, allowing attackers to record sound from computers that you previously thought to be safe.

In many secure environments, it is forbidden to connect a microphone to a computer, due to fears that malware might secretly start the mic and record nearby conversations.

Microphones can work as speakers, and vice versa

What most people don't know is that at the hardware level, the internal structure of a microphone and speaker doesn't differ that much.

Both are basically a diaphragm that moves through an electric field, transforming sound waves into electrical signals (microphone), and the other way around (speaker/headphone).

It's been known for decades that you could take a microphone and use it as a speaker and vice versa, albeit some decline in signal quality is to be expected. This mode of operation is referred to in technical terms as "reverse mode" and it's been more of a trivia question, rather than something that hardware makers would ever be interested in embedding as a feature in modern products.

Speake(a)r attack weaponizes headphones, speakers

Scientists from the Cyber-Security Research Center at the Ben-Gurion University of the Negev in Israel have taken this old tidbit and weaponized it.

Researchers say they created an experimental malware that can infect computers and alter the its drivers. More precisely, the malware alters the internal functions of audio jacks, flipping input jacks (used by microphones) to output jacks (used for speakers and headphones), and vice versa.

Since a speaker/headphone and a microphone have the same internal structure, the hardware permits it to switch from input to output operations without any errors or glitches.

Attack records low-quality, but intelligible audio

This allows an attacker to record audio, albeit at a lower quality, from computers where there's no microphone or the user has intentionally disconnected any present microphones.

If both headphones and speakers are connected, the attacker can even switch from recording sound via one device to another, selecting from where he can record the better audio.

The researchers were able to switch a motherboard or a sound card's input and output jack positions because many drivers allow users to do so. For their experiment, researchers used Realtek audio chipsets.

"Our experiments demonstrate that intelligible audio can be acquired through earphone," the research team says. ". In addition, we showed that the same setup achieves channel capacity rates close to 1 Kbps in a wide range of frequencies."

Their attack is explained in detail in a research paper titles "Speake(a)r: Turn Speakers to Microphones for Fun and Profit." Researchers also recorded a YouTube video where you can view a Speake(a)r eavesdropping attack in progress.

 

Related Articles:

Data Exfiltration Technique Steals Data From PCs Using Speakers, Headphones

Android P Will Block Background Apps from Accessing Phone's Camera & Microphone