Your private conversation is not private anymore. Yes, it is true. Your privacy is at risk. A team of cybersecurity analysts has effectively exhibited a new side-channel attack that could permit malicious applications to eavesdrop on the voice coming out of your cell phone’s amplifiers without requiring any device authorization.
Before proceeding further, first clear the things regarding android applications and their permissions.
Android Application & Permissions:
Whenever a new application is installed, the user is asked to permit the app for the access of some other features like contacts, location, and storage, etc.
If the user grants permission then the application can use other features of the smartphone. But if the user does not grant access to other features then the app is not authorized to use any other feature.
Accessing Data Without Permission:
But here is an alarming situation. Researchers have discovered a new attack through which an attacker can access your private data without permission. The new attack is dubbed as SPEARPHONE.
The Spearphone and Accelerometer:
With the help of a motion sensor known as an accelerometer, spearphone can have access to data coming out of user’s amplifiers or speakers. Because the motion sensor is almost accessed by all apps and does not require any specific permissions.
Mostly the loudspeaker of the smartphones is placed on the same surface as inserted motion sensors, it produces aeronautical discourse resonations in the body of the cell phone whenever the loudspeaker is empowered.
The spearphone attack can be activated whenever the victim tries to place his phone on the speaker mode. According to researchers, this attack can spy on your voice notes, calls and multimedia. They further added,
“The proposed attack can eavesdrop on voice calls to compromise the speech privacy of a remote end-user in the call”
Stay Tuned For More Updates (IST)
488 total views, 3 views today