Synesthesia Attack Allows Hackers To Steal Data Via Screen Noise

The security community has reported that a new malicious tactic has been developed called the Synesthesia Side Channel Attack. The available information shows that inaudible acoustic signals can be deciphered into revealing sensitive user content. Several attack scenarios are proposed as this is merely another side channel attack that can be exploited by criminals.

Synesthesia Side Channel Attack Allows Hackers To “Listen To” On-Screen Images

A group of researchers from Columbia University, the University of Michigan, University of Pennsylvania and Tel Aviv University reveal a new side channel attack called “Synesthesia”.The dangerous approach relies on the fact that recorded inaudible acoustic noises coming in from the computer (device) screens can be deciphered into reading the displayed content. The discovery shows that there is a wide range of possibilities for acquiring the requested information — via smartphone microphones, webcams, laptop mics, portable gear and etc.

There are several attack scenarios that are initially proposed:

  • Employer Surveillance — HR staff and employers can use this “silent” technique in order to view what content employees view on their computers. This replaces traditional approaches such as the installation of remote desktop tools.
  • Data Theft — Attackers using various recording gear can spy on a single or multiple users by deciphering the acquired samples.
  • Data Transmission — The collected audio sample recordings can be recorded by a malicious user and transmitted to a hacker that will process them.

The exact nature of the signals is that they are almost inaudible to the human ear — they are very faint and particularly high-pitched which cannot be deciphered using natural recognition technology. However during careful instrumental measurement it was discovered that the displayed content particular patterns when showing certain content. In short an attack model can be established on the basis of how the contemporary displays (Read more...)

*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum | authored by Martin Beltov. Read the original post at: