{"id":1059,"date":"2016-11-23T20:57:43","date_gmt":"2016-11-23T20:57:43","guid":{"rendered":"http:\/\/54.201.249.27\/?p=1059"},"modified":"2016-11-23T20:57:43","modified_gmt":"2016-11-23T20:57:43","slug":"malware-covertly-turns-pcs-eavesdropping-devices","status":"publish","type":"post","link":"https:\/\/blackopspartners.com\/malware-covertly-turns-pcs-eavesdropping-devices\/","title":{"rendered":"Malware covertly turns PCs into eavesdropping devices"},"content":{"rendered":"
Researchers at Ben-Gurion University of the Negev (BGU<\/span>) have demonstrated malware that can turn computers into perpetual eavesdropping devices, even without a\u00a0microphone.<\/p>\n In the new paper,\u00a0\u201cSPEAKE<\/span>(a)R: Turn Speakers to Microphones for Fun and Profit,\u201d<\/a>\u00a0the researchers explain and demonstrate how most PCs and laptops today are susceptible to this type of attack. Using\u00a0SPEAKE<\/span>(a)R, malware that can covertly transform headphones into a pair of microphones, they show how commonly used technology can be\u00a0exploited.<\/p>\n \u201cThe fact that headphones, earphones and speakers are physically built like microphones and that an audio port\u2019s role in the\u00a0PC<\/span>\u00a0can be reprogrammed from output to input creates a vulnerability that can be abused by hackers,\u201d says Prof. Yuval Elovici, director of the\u00a0BGU<\/span>\u00a0Cyber Security Research Center<\/a>(CSRC<\/span>) and member of\u00a0BGU<\/span>\u2019s\u00a0Department of Software and Information Systems Engineering<\/a>.<\/p>\n \u201c<\/span>This is the reason people like Facebook Chairman and Chief Executive Officer\u00a0Mark Zuckerberg tape up their mic and webcam<\/a>,\u201d says Mordechai Guri, lead researcher and head of Research and Development at the\u00a0CSRC<\/span>. \u00a0\u201cYou might tape the mic, but would be unlikely to tape the headphones or\u00a0speakers.\u201d<\/p>\n A typical computer chassis contains a number of audio jacks, either in the front panel, rear panel or both. Each jack is used either for input (line-in), or for output (line-out). The audio chipsets in modern motherboards and sound cards include an option for changing the function of an audio port with software \u2014 a type of audio port programming referred to as jack retasking or jack\u00a0remapping.<\/p>\n Malware can stealthily reconfigure the headphone jack from a line-out jack to a microphone jack, making the connected headphones function as a pair of recording microphones and turning the computer into an eavesdropping device. This works even when the computer doesn\u2019t have a connected microphone, as demonstrated in the\u00a0SPEAKE<\/span>(a)R\u00a0video.<\/a><\/p>\n The\u00a0BGU<\/span>\u00a0researchers studied several attack scenarios to evaluate the signal quality of simple off-the-shelf headphones. \u201cWe demonstrated it is possible to acquire intelligible audio through earphones up to several meters away,\u201d said Dr. Yosef Solewicz, an acoustic researcher at the\u00a0BGU<\/span>\u00a0CSRC<\/span>.<\/p>\n Potential software countermeasures include completely disabling audio hardware, using an\u00a0HD<\/span>\u00a0audio driver to alert users when microphones are being accessed, and developing and enforcing a strict rejacking policy within the industry. Anti-malware and intrusion detection systems could also be developed to monitor and detect unauthorized speaker-to-mic retasking operations and block\u00a0them.<\/p>\n