Speake(a)R: Turn speakers to microphones for fun and profit

Mordechai Guri, Yosef Solewicz, Andrey Daidakulov, Yuval Elovici

Research output: Contribution to conferencePaperpeer-review

10 Scopus citations

Abstract

It's possible to manipulate the headphones, earphones, and simple earbuds connected to a computer, silently turning them into a pair of eavesdropping microphones. This paper focuses on the cyber security threat this behavior poses. We introduce 'SPEAKE(a)R,' a new type of espionage malware that can covertly turn the headphones, earphones, or simple earbuds connected to a PC into microphones when a standard microphone is not present, muted, taped1 or turned off. We provide technical background at the hardware and OS levels, and explain why most of the motherboards and audio chipsets of today’s PCs are susceptible to this type of attack. We implemented a malware prototype and tested the signal quality. We also performed a series of speech and recording quality measurements and discuss defensive countermeasures. Our results show that by using SPEAKE(a)R, attackers can record human speech of intelligible quality and eavesdrop from nine meters away.

Original languageEnglish
StatePublished - 1 Jan 2017
Event11th USENIX Workshop on Offensive Technologies, WOOT 2017, co-located with USENIX Security 2017 - Vancouver, Canada
Duration: 14 Aug 201715 Aug 2017

Conference

Conference11th USENIX Workshop on Offensive Technologies, WOOT 2017, co-located with USENIX Security 2017
Country/TerritoryCanada
CityVancouver
Period14/08/1715/08/17

Fingerprint

Dive into the research topics of 'Speake(a)R: Turn speakers to microphones for fun and profit'. Together they form a unique fingerprint.

Cite this