¿Cómo realizar trámites en cuarentena?: conocé las oficinas virtuales ...
SECURITY

Hackers Can Steal Your Passwords by Listening to You Type

243Views

You might have thought you had your digital security locked down. No password recycling, no suspicious link clicking, and you even use disposable email addresses. You felt impervious. But wait, what’s this? You got hacked? Hold on, have you been typing recently? That’s a rookie mistake.

According to reports from Bleeping Computer, researchers have successfully trained an AI model to discern specific keystrokes on keyboards by leveraging the built-in microphone in either a computer or a compromised smartphone. The alarming part? The researchers’ model can accurately predict the pressed key with a 95% success rate. Although, fear not, as the accuracy dipped slightly to 93% when Zoom was utilized to train the model. A glimmer of hope, perhaps.

In all seriousness, the implications of “acoustic attacks” are nothing short of concerning. An AI model with such capabilities could be harnessed for spying on individuals’ typing behaviors, capturing a spectrum that ranges from sensitive data to passwords. Picture yourself opening Slack, composing a confidential message to your supervisor, then proceeding to access your bank’s website and inputting your username and password to review your account. This AI system could potentially decipher up to 95% of these actions, effectively accumulating the bulk of your keystrokes over time.

How does this (hypothetical) acoustic attack work?

To infiltrate your typing patterns, attackers can use your device’s microphone, even from a smartphone, to record the sounds of your keystrokes. They might also target Zoom calls, analyzing typing sounds to match them with chat messages.

Researchers managed to train an AI model for this by typing individual keys on new MacBook Pros, recording them multiple times, and using software to detect subtle differences in the sounds. Their accuracy reached 95% with nearby iPhones and 93% via Zoom recordings. This method unveils potential privacy risks, even on devices known for security like Apple’s. It underscores the need for heightened digital security measures as technology progresses.

How to protect yourself from (again, hypothetical) acoustic attacks

Fortunately, this specific AI model has been developed solely for research purposes, so encountering it in the wild isn’t a concern. However, the fact that researchers have achieved this feat suggests that potential attackers might not be far behind.

Arming yourself with this knowledge, you can take proactive steps to safeguard your digital interactions. Remember that this attack requires a microphone recording your keystrokes, implying that your computer or phone must have been compromised beforehand or you’re engaged in a Zoom call with a potential attacker. In response, remain vigilant about your device’s microphone permissions. Disable access for any app that doesn’t necessitate it, and be wary if your microphone appears active when it shouldn’t be.

Additionally, adopting a practice of muting yourself when not actively speaking during a Zoom call can serve as an effective safeguard. Beyond being a good etiquette, it proves invaluable in scenarios involving potential attackers. By staying muted while typing messages in the chat, you prevent them from leveraging your keystrokes against you.

To bolster your protection against hacking attempts from the outset, adhere to standard security guidelines. Avoid clicking on unfamiliar links, refrain from opening messages from unknown senders, and exercise caution when it comes to downloading and opening files of uncertain origin. Implementing these practices alongside heightened awareness will contribute significantly to fortifying your digital security.

Password managers are your friend

In the event that you unknowingly fall victim to hacking and your phone becomes susceptible to capturing your keystrokes, certain precautions can help mitigate potential risks. Utilizing password managers, particularly those offering auto-fill functionality, becomes a wise choice. Opting for password managers that enable access through face or fingerprint recognition eliminates the need for manually typing passwords, thereby reducing exposure. Additionally, introducing white noise around your devices can serve as a protective measure, rendering any captured sound recordings futile.

Kami Whiting
the authorKami Whiting

Leave a Reply