Information security researchers at Ben Gurion University in Israeli have recently found a way to convert a normal headphone into a microphone and use it to record audio in the room just like a spying device.
Using a headphone as a microphone is not crazy science, and most of us have already done something similar in our own LAN parties. What the researchers did here is a little different, they managed to do what we said before and also using the output channel of the audio card for input signal and then recording sound.
For this they used a malware called Speak(a)r, the security researchers turned headphones into microphones by converting vibrations in the air emitted by the sound (just like your voice) into electromagnetic signals. This makes it possible for the headphone to act as a regular microphone and detect pretty much any sound from across the room.
The next step was to trick the output channel of the audio chip to become an input channel and thus allow the recording of sound. According to Wired, this was possible thanks to a feature that’s available in the Realtek audio codec chip, making it possible for the malware to record audio.
Realtek chips are being used on the majority of Windows and Mac systems these days, and security researchers claim that this leaves most of our computers vulnerable to such attacks.
“This is the real vulnerability,” says Mordechai Guri, the research lead of Ben Gurion’s Cyber Security Research Labs. “It’s what makes almost every computer today vulnerable to this type of attack.”
“People don’t think about this privacy vulnerability. Even if you remove your computer’s microphone, if you use headphones you can be recorded.”
So what can you do to remain protected? Not much, security researchers say, as their tests have shown that it’s possible to record sound from as far as 20 feet away (that’s about 6 meters) without you even knowing about it.
Since the vulnerability exists in the Realtek chip, no software patch could fix it, and the only way to deal with this is to upgrade the hardware to prevent exploits in the future. But as far as the majority of systems currently out there and featuring these chips are concerned, there’s not much you can do about it, other than removing the headphones every time you stop using them.