Malware converts microphone-free computers into eavesdropping devices
Laptops or desktops can now be remotely compromised and used by hackers to eavesdrop on their owners, even if the devices do not contain microphones.
Researchers at Ben-Gurion University of the Negev (BGU) in Israel have developed malware that covertly transforms headphones into a pair of microphones
They have demonstrated how most PCs are susceptible to this type of attack, which uses a programme called SPEAKE(a)R to manipulate the hardware in the headphones.
“The fact that headphones, earphones and speakers are physically built like microphones and that an audio port’s role in the PC can be reprogrammed from output to input creates a vulnerability that can be abused by hackers,” said Professor Yuval Elovici, director of the BGU Cyber Security Research Center.
“This is the reason people like Facebook chairman and chief executive officer Mark Zuckerberg tape up their mic and webcam,” said lead researcher Mordechai Guri. “You might tape the mic, but would be unlikely to tape the headphones or speakers.”
A typical computer chassis contains a number of audio jacks, either in the front panel, rear panel or both. Each jack is used either for input (line-in) or for output (line-out). The audio chipsets in modern motherboards and sound cards include an option for changing the function of an audio port with software - a type of audio-port programming referred to as jack retasking or jack remapping.
The custom-built malware can stealthily reconfigure the headphone jack from a line-out jack to a microphone jack, making the connected headphones function as a pair of recording microphones and turning the computer into an eavesdropping device.
This works even when the computer doesn’t have a connected microphone, as demonstrated in the video below.
The BGU researchers studied several attack scenarios to evaluate the signal quality of simple off-the-shelf headphones. “We demonstrated it is possible to acquire intelligible audio through earphones up to several metres away,” said acoustic researcher Yosef Solewicz.
Potential software countermeasures include completely disabling audio hardware, using an HD audio driver to alert users when microphones are being accessed and developing and enforcing a strict rejacking policy within the industry.
Anti-malware and intrusion detection systems could also be developed to monitor and detect unauthorised speaker-to-mic retasking operations and block them.
Last week it emerged that a budget smartphone made in China was found to transmit user data, including complete text messages, back to the manufacturer without the users’ knowledge.