A team of researchers from five American most reputed academic institutions has developed an eavesdropping attack for Android devices.
Named EarSpy, the side-channel attack is designed to capture what users say through sly methods. According to BleepingComputer, to some degree, it can recognize the caller's gender and identity.
The development of the eavesdropping attack is an academic effort from Texas A&M University, New Jersey Institute of Technology, Temple University, University of Dayton, and Rutgers University.
How Does EarSpy Work
EarSpy captures motion sensor data readings caused by reverberations from ear speakers in mobile devices.
According to Phone Arena, his type of attack has been explored in smartphone loudspeakers before. However, ear speakers were considered too weak to generate enough vibration.
But modern smartphones have more powerful stereo speakers compared to earlier models. Because of this, they have a much better sound quality and stronger vibrations.
To illustrate their findings, the researchers used a OnePlus 7T and OnePlus 9 device in their experiments. They also used varying sets of pre-recorded audios that were played through the ear speakers of the two devices.
In addition, the team also used the third-party app Physics Toolbox Sensor Suite to capture accelerometer data during a simulated call. They then fed it to MATLAB for analysis as well as to extract features from the audio stream.
They also trained a machine learning (ML) algorithm using readily available datasets in order to recognize speech content, caller identity, and gender.
Depending on the dataset and device, the test data varied. However, it was able to produce overall promising results for eavesdropping via the ear speaker.
According to the researcher's paper, the data was hard to capture on older OnePlus models due to the lack of stereo speakers.
While newer Android versions have a more robust security apparatus, EarSpy attacks can still bypass these built-in safeguards because the raw data from a phone's motion sensors are easily accessible, as per Android Authority.
More smartphone manufacturers are now placing limits on obtaining data from the device's sensors, but EarSpy researchers believe that it's still possible to infiltrate the device and eavesdrop on a conversation.
Read Also: Outdated Android Phone? Here's How To Update Android Devices With Software and Security Fixes
What's the Remedy to This Potential Vulnerability
According to BleepingComputer, the volume users choose for their ear speakers could reduce the efficacy of the EarSpy attack.
The researchers noted that a lower volume could prevent eavesdropping via this side-channel attack. Moreover, it is also more comfortable for the ear.
Other factors that impact the diffusion of speaker reverberation are the arrangement of the device's hardware components and the tightness of the assembly.
Lastly, user movement as well as the vibrations introduced from the environment could lower the accuracy of the derived speech data.
A restriction in collecting sensor data without permission for sampling data rates beyond 200 Hz was introduced by Android 13.
This feature prevents speech recognition at the default sampling rate of 400 Hz to 500 Hz. However, if the attack is performed at 200 Hz, it only drops the accuracy by about 10 percent of the attack.
As a solution to this potential vulnerability in modern-day smartphones, the researchers recommend that smartphone manufacturers should position the motion sensors away from any source of vibrations.
In addition, the researchers also recommend reducing sound pressure during phone calls.
Related Article: Android Scam: Answering Your Phone Can Lead to Bank Hacking [Warning Signs, How to Avoid]
