EarSpy can eavesdrop on your phone conversations using motion sensors
Researchers from five American colleges have collectively developed this side-channel attack
Readers like you help support Android Police. When you make a purchase using links on our site, we may earn an affiliate commission. Read More.
Mobile security is kind of like a highway: new potholes form every day and its throughput capabilities are highly dependent on the drivers taking care not to cause a pile-up. Whether these crashes are caused by researchers sniffing out a new vulnerability, players down the security chain not doing their part, or worse. A group of researchers from some of America's most reputed academic institutions has now developed an attack named EarSpy, designed to capture what users say through curiously crafty means.
This effort is being carried out jointly by experts from the University of Dayton, New Jersey Institute of Technology, Rutgers University, Texas A&M University, and Temple University. Researchers have attempted to gather vibrations from a phone's loudspeaker in the past, but this particular attack is effective even when the user is holding the phone to their ear, SecurityWeek reports.
The research team tested out EarSpy on the OnePlus 7T and the OnePlus 9 smartphones with astonishingly accurate results using nothing but data from the earpiece and the onboard accelerometer. By contrast, the data was hard to capture on older OnePlus models due to the lack of stereo speakers, the researchers said in their paper. They examined the reverberations generated on the ear speaker with the help of spectrograms and time-frequency domain feature extraction. The focus of the team was to identify the gender of the speaker and the contents of the speech itself — if not already known, attackers may be able to determine the identity of the speaker.
Source: Arxiv.org
Newer Android versions have a more robust security apparatus, making it exceedingly difficult for malware to get the requisite permissions. But EarSpy attacks can still bypass these built-in safeguards as raw data from a phone's motion sensors are easily accessible. Although more manufacturers are now placing limits on obtaining data from the device's sensors, EarSpy researchers believe it's still possible to infiltrate the device and eavesdrop on a conversation.
As for the effectiveness of this attack, the researchers say EarSpy could correctly tell the difference between males and females in up to 98% of the cases. Furthermore, it could detect the person's identity with a ridiculous 92% top accuracy rate. However, this dips to 56% when it comes to actually understanding what was spoken. Researchers say this is still 5x more accurate than making a random guess.
In theory, EarSpy could be leveraged by malware that has infiltrated the device and relay the information back to the source of the attack. This report highlights the importance of additional hardware safeguards, especially with components like motion sensors that may not seem like easy targets at first glance.
To remedy this potential vulnerability in modern-day smartphones, the researchers recommend smartphone makers to position the motion sensors away from any source of vibrations while also reducing sound pressure during phone calls.
Chethan Rao is a weekend news writer for Android Police. He has written about tech for around a decade and has a soft spot for the latest Android hardware. In his free time, CR usually watches random cricket streams and NBA highlights or catches up on his backlog of TV shows. He also enjoys the occasional hour or two of console gaming.