Since you’re an appropriately paranoid Secplicity reader, hopefully you already cover up your laptop’s webcam to prevent hackers from spying on you. Maybe you’ve even disabled its built-in microphone to foil secret audio recording. But, that might not be enough to keep determined hackers from spying on you. WIRED reported today that a group of Israeli security researchers have found a way to turn headphones into microphones to surreptitiously record nearby conversations. Ben Gurion University in Israel created the proof-of-concept code for the malware called “Speake(a)r” that records audio using headphones, and demonstrated how a hacker could use it to spy on seemingly-private conversations. In the researcher’s tests, audio recorded from 20 feet away using headphones was still audible after being compressed and sent over the Internet.
The malware uses a feature of RealTek audio codec chips to “retask” a computer’s output channel as an input channel, which lets the headphones record while plugged into an audio-out jack. The researchers haven’t tested other codec chips or smartphones, but believe that they would also be vulnerable to this attack. The bad news is that RealTek chips are in most desktop computers and many laptops. Since the malware uses a feature of the chip instead of a vulnerability, there’s no way to patch and fix it. The good news is that there’s a simple, low-tech fix to stop this kind of sneaky voice recording: unplug your headphones.
Read the full story and watch a demo video of this hack in action on WIRED: https://www.wired.com/2016/11/great-now-even-headphones-can-spy/