EarSpy – Android New Attack Vector
Share this:
A new evolving eavesdropping attack has been developed by a team of security experts for Android devices, dubbed EarSpy. With this attack type, threat actors can get hands-on sensitive content.
Researchers from five various American universities took this project. attack vector aims to capture motion sensor data readings generated by the reverberations from the ear speaker in mobile devices in order to create new methods of eavesdropping.
These attacks, targets Smartphone loudspeakers. Due to this, the ear speakers are incapable of generating enough vibration to allow eavesdropping to be executed properly for the side-channel attack.
With the advent of technology, today’s smartphones are smarter with enhanced speakers. Minute resonance from those speakers can be captured and measured by the devices
As part of their experiments, the researchers used a OnePlus 7T device as well as a OnePlus 9 device. Both of these devices were used by the researchers to play pre-recorded audio through their ear speakers only using a variety of pre-recorded audio sets. Though their existed variation, the outcome indicated that eavesdropping via ear speakers can be accomplished successfully.
EarSpy’s effectiveness could be reduced by a factor,
- The volume level that users select for their ear speakers that are comfortable, which lowers eavesdropping and side channel attack
- Assembling components with composure and tightness will reduce the impact.
