According to Security Weeklya team of American researchers managed to spy on the telephone conversations of ordinary users using a new technique called EarSpy.
Described in an article published on December 23, this method makes it possible to capture the tiny vibrations emitted by the speaker of a telephone during a conversation thanks to the accelerometer of the device. Data obtained by reverberation, which makes it possible to partially reproduce the conversation by extracting “time-frequency domain characteristics and spectrograms“.
The accelerometer, a weak link
Conducted on OnePlus smartphones (7T and 9), this study shows the impact that improving the quality of loudspeakers can have on the security of our calls.
In practice, listening to calls from a smartphone would rather be done through the installation of a malware compromising the security of the targeted device’s microphone. But as the researchers point out, the many securities deployed at this level make the task increasingly difficult. This is the reason why they were interested in the raw data captured by the accelerometer, deemed less sensitive and to which access is less protected and supervised. A flexibility that makes the EarSpy attack possible.
Worrying reliability
According to these researchers, it is possible to determine the sex of the spied interlocutor with a reliability of 98%. On the other hand, the precision of the process drops to 56% with regard to the words spoken during the call. This is not yet optimal, but sufficient to understand most conversations, especially since artificial intelligence models would be able to fill in the gaps. This remains, however, rather worrying for a spy technique that does not require the prior installation of any malware.