Researchers from American institutions have developed a new attack called EarSpy that allows attackers to listen in on phone conversations using motion sensors. Unlike previous attempts at gathering vibrations from a phone’s loudspeaker, EarSpy is effective even when a user is holding the phone to their ear. The attack was tested on several popular smartphone models, including the OnePlus 7T and 9.
This new technique is particularly concerning because it doesn’t require any special equipment or software to be installed on the target phone. Instead, EarSpy uses the motion sensors already present in most smartphones to detect the vibrations caused by sound waves as they travel through a person’s head and skull. These vibrations can then be used to reconstruct the original audio with a high degree of accuracy.
The researchers behind EarSpy say that the attack is relatively simple to carry out and can be done from a distance of up to 20 feet away from the target phone. It’s not clear at this time how easy it would be for a real-world attacker to replicate the EarSpy technique, but the fact that it can be done without any direct access to the target phone is certainly cause for concern.
So far, the EarSpy attack has only been tested in controlled laboratory conditions, but it’s not hard to imagine the real-world implications of this kind of technology falling into the wrong hands. It could be used to spy on individuals or to gather sensitive information from business meetings or government discussions. It could also be used by law enforcement or government agencies as a means of surveillance, raising serious concerns about privacy and civil liberties.
The researchers behind EarSpy say that their main goal is to raise awareness about the potential vulnerabilities of modern smartphones and to encourage manufacturers to take steps to protect against these kinds of attacks. They have already shared their findings with various smartphone manufacturers and are working on ways to mitigate the risk of the EarSpy attack.
In the meantime, there are some steps that individuals can take to protect themselves against this kind of attack. Using a hands-free device or speakerphone when making phone calls can help to reduce the risk of being targeted by EarSpy, as can simply keeping a safe distance from other people’s phones. It’s also a good idea to be mindful of your surroundings and to be aware of anyone who may be attempting to listen in on your conversations.
The development of the EarSpy attack is a reminder of the need for caution in an increasingly interconnected and technologically advanced world. While smartphones have made our lives easier and more convenient in many ways, they also present new security risks that we must be aware of and take steps to protect against.