Without getting too technical, the hack hijacks the headphones’ cord and uses the wire to convert electromagnetic waves into electrical signals, which the phone’s operating system then mistakes for audio coming from the microphone. “As an outcome, we introduce a new silent remote voice command injection technique on modern smartphones”, wrote the researchers José Lopes Esteves and Chaouki Kasmi. Or as Vincent Strubel, the director of their research group at ANSSI puts it more simply, “The sky is the limit here”. In other words, anything that can be done through the voice interface could potentially be done remotely and discreetly through electromagnetic waves.
Advertisement
The researchers were able to mount the attack on a smartphone using a laptop with GNU Radio, a USRP software-defined radio, an amplifier and an antenna. The whole setup could be assembled inside a backpack and would have a range of about six and a half feet. But if connected to a larger set of batteries inside a vehicle or van the range can be extended to 16 feet.
Here’s a video showing the attack in action: In the demo, the researchers commandeer Google Now via radio on an Android smartphone and force the phone’s browser to visit the ANSSI website.
To keep this from happening to you, don’t leave your headphones plugged in, and disable voice control when the phone is locked. On Android phones, this could only work if you enable Google Now from the lock screen, so don’t do that.
You might want to reconsider next time you’re about to plug your headphones with a microphone into your iPhone or Android smartphone.
Advertisement
The researchers reached out to Apple and Google and urged them to create better security for headphones due to the potential of electromagnetic waves to be used for malicious purposes, according to ABC News.
