November 23, 2016
Israeli security researchers at Ben Gurion University have found a way to convert typical headphones into microphones and then use them to record audio in the room just like a fully-featured spying device.
Using headphones as microphones is not rocket science, and many of us already did that in the good old days when running our own LAN parties, but what the researchers actually managed to do is not only that, but also using the output channel of the audio card for input signal and then recording sound.
Specifically, using malware called Speak(a)r, the security researchers turned headphones into microphones by converting vibrations in the air emitted by the sound (such as your voice) into electromagnetic signals. This makes it possible for the headphone to act as a regular microphone and detect pretty much any sound from across the room.
The next step was to trick the output channel of the audio chip to become an input channel and thus allow the recording of sound. According to Wired, this was possible thanks to a feature that’s available in the Realtek audio codec chip, making it possible for the malware to record audio.
Most computers vulnerable
Realtek chips are being used on the majority of Windows and Mac systems these days, and security researchers claim that this leaves most of our computers vulnerable to such attacks.
“This is the real vulnerability,” says Mordechai Guri, the research lead of Ben Gurion’s Cyber Security Research Labs. “It’s what makes almost every computer today vulnerable to this type of attack.”
“People don’t think about this privacy vulnerability. Even if you remove your computer’s microphone, if you use headphones you can be recorded.”