Cyber security news for all

More

    Spies can listen in on conversations using the lightbulb

    There is no end to the methods applied in getting information. The lightbulb is the newest form of spyware. It has been turned into an instrument for spying; people have discovered how to spy on others by simply measuring the amount of light the lightbulb emits.
    Who would have thought that there’s a technique for eaves-dropping?

    A team of cybersecurity researchers has developed and demonstrated a novel side-channel attacking technique that can be applied by eavesdroppers to recover full sound from a victim’s room that contains an overhead hanging bulb.
    A team of academics: Ben Nassi, Yaron Pirutin, Adi Shamir, Yuval Elovici, and Boris Zadov, from the Israeli’s Ben-Gurion University of the Negev and the Weizmann Institute of Science released the findings in a new paper. It will also be presented at the Black Hat USA 2020 conference later this August.

    This technique, termed Lamphone, employs the use of sound waves. It optically captures small sound waves through an electro-optical sensor directed at the bulb; using it to recover speech and recognize music.

    The researchers said, “we assume a victim located inside a room/office that contains a hanging lightbulb. We consider an eavesdropper a malicious entity that is interested in spying on the victim; to capture the victim’s conversations and make use of the information provided in the conversation (e.g., stealing the victim’s credit card number, performing extortion based on private information revealed by the victim, etc.). Lamphone leverages the advantages of the Visual Microphone (it is passive) and laser microphone (it can be applied in real-time) methods of recovering speech and singing.”
    To achieve their goal, the eavesdroppers have a setup which comprises; a telescope, an electro-optical sensor, an analog-digital converter, and a laptop.

    Distance of eavesdropping

    This technique, which is applicable in a real-life scenario, is functional from distances of at least 25 meters. Sound waves are amplified for further listening;with the use of a telescope and electro-optical sensor, soundwaves can be amplified for further listening.

    This attack doesn’t require any threat actor because it is taking place in an external scenario. Since Lamphone depends on light output, a suggestive countermeasure is reducing the amount of light captured and using a curtain to limit emission. The use of a heavier bulb, which minimizes vibrations caused by changes in air pressure, is also advised.

    Demonstrations
    To demonstrate the technique, researchers used an audible extract of Donald Trump’s speech, a recording of Beatles, “Let it Be,” and Coldplay’s “Clock.”
    The researchers outline the demonstration. “We show how fluctuations in the air pressure on the surface of the hanging bulb (in response to sound); which cause the bulb to vibrate very slightly (a millidegree vibration), can be exploited by eavesdroppers to recover speech and singing, passively, externally, and in real-time. We analyze a hanging bulb’s response to sound via an electro-optical sensor;and learn how to isolate the audio signal from the optical signal. Based on our analysis, we develop an algorithm to recover sound from the optical measurements obtained from the vibrations of a light bulb and captured by the electro-optical sensor.”

    “The development adds to a growing list of sophisticated techniques that can be used to snoop on unsuspecting users. And extract acoustic information from devices intended to function as microphones such as; motion sensors, speakers, vibration devices, magnetic hard disk drives, and even wooden tables.”

    Recent Articles

    Russian Cybercriminal Behind “Cardplanet” Site Sentenced

    According to the United States Department of Justice, a Russian cybercriminal, Aleksey Burkov, 30—who operated Cardplanet site: a site that trafficked stolen card details—has...

    Hackers Used Malicious Docker Images to Mine Monero

    Researchers found malicious images on Docker Hub used for crypto mining. Palo Alto Networks' Unit  42, unraveled a crypto mining scheme which uses malicious Docker...

    NSA outlines requirements for secure collaboration services for US government telework

    The new National Security Agency (NSA) guidelines are a window of security for users. Everyone has been trying to return to their lives since...

    Cybercriminals threaten to sell off “scandalous” files swiped from Mariah Carey, Nicki Minaj, Puff Daddy’s legal eagles

    There's no escaping these cybercriminals. In a recent case of "cyber-extortion," threat actors known as REvil, are threatening to expose celebrity "dirt." These threat actors...

    Twitter apologises for exposed customers data

    In what is described as a "data security incident," sensitive details of Twitter's customers were exposed. Unlike other cases of a breach which are...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox