Researchers have demonstrated how hackers could track a person’s movements using the speakers and microphones that are found in many smartphones, laptops and other devices.
According to research by the University of Washington, hackers could embed a high-frequency sound in audio recordings that acts as a sonar. The sound waves bounce off people and objects, and the reflections are picked up by a microphone.
Hackers could then use this information to produce an image of a person’s environs and actions.
Researchers showed how this can be done using a Samsung Galaxy S4 with common audio devices, including four portable speakers and a home theatre system. Researchers ran experiments in five homes in the Seattle area to demonstrate CovertBand’s ability to help an attacker both localise victims and leak information about activities even in scenarios where those activities are not audible.
The research found that people could be tracked as they walk across a room, and the researchers were also able to track persons and objects in nearby rooms, as well as through doors, walls and windows.
Researchers said that in tests CovertBand can track walking subjects with a mean tracking error of 18 cm and subjects moving at a fixed position with an accuracy of 8 cm at up to 6 m in line-of-sight and 3 m through barriers. In tests with 33 subjects, they also showed that even in ideal scenarios, listeners were unlikely to detect a CovertBand attack.
The paper looked at a few scenarios where such attacks could happen. One would be where a spy enters a foreign country and rents a hotel room to monitor a target. The spy cannot use dedicated surveillance hardware, and cannot acquire any suspicious new hardware while in-country. Researchers said that a spy could benefit from using a covert monitoring mechanism, something they could run on their phone and that would avoid arousing suspicion.
The attack could also be used in vigilante justice. “In some cases, revealing certain private activities can be dangerous to victims. For example, many countries or non-government entities persecute pre-marital or other sexual partnerships. We note that in many of these cases, vigilantes do not seek conclusive evidence before condemning victims; as such, the possibility of even circumstantial evidence could pose security threats for these individuals,” said researchers.
Lastly, the attack could leverage devices already inside a victim’s home. Because the attack requires access only to a speaker and microphone, an attacker can leverage many devices that already exist in the home environment.
“A remote adversary who compromises one of these devices, perhaps via a trojan application in an app store or via a remote exploit, could use our methods to remotely glean information about an individual’s home activities. An attacker could also find more surreptitious ways to execute such an attack. For example, a streaming music app with voice control has all the permissions (speaker and microphone) needed to execute our attack. As a simple example, an attacker could utilise the advertising library embedded inside a music application to determine whether the user is near the phone when an ad is played,” said the researchers.
The researchers said that with further work, the attack could be refined to enable the sensing of more subtle motions such as the movement of hands, arms, or even fingers.
This article originally appeared at scmagazineuk.com