Even a bit of thought about this probability could make you feel incredibly creepy.
But most people think that they have a solution to these major issues i.e. simply covering their laptop’s webcam and microphone with tape, just like Facebook CEO Mark Zuckerberg and FBI Director James Comey.
But it’s 2016, and a piece of tape won’t help you, as a new experiment has proved that how easily hackers can turn your headphones into a microphone to spy on all your conversations in the background without your knowledge.
Speake(a)r Malware Weaponizes Headphones and Speakers
Using headphones as microphones is a decade-old technique.
But what the researchers managed to do is switching an output channel of the audio card on your laptop — running either Windows or Mac OS — to an input signal and then recording the sound without any dedicated microphone channel from as far as 20 feet away.
Dubbed “Speake(a)r,” the malicious code (malware) is disturbingly able to hijack a computer to record audio even when its microphone is disabled or completely disconnected from the computer.
“People don’t think about this privacy vulnerability,” says lead researcher Mordechai Guri told Wired. “
Even if you remove your computer’s microphone, if you use headphones you can be recorded.”
Speake(a)r actually utilizes the existing headphones to capture vibrations in the air, converts them to electromagnetic signals, alters the internal functions of audio jacks, and then flips input jacks (used by microphones) to output jacks (used for speakers and headphones).
This allows a hacker to record audio, though at a lower quality, from computers with disabled or no microphone or from computers of a paranoid user, who has intentionally removed any existing audio components.
But What made this Hack Possible?
Thanks to a little-known feature of Realtek audio codec chips that actually “retask” the computer’s output channel as an input channel silently.
This makes it possible for the researchers’ malware to record audio even when the earbuds is connected into an output-only jack and do not even have a microphone channel on their plug.
What’s even worse?
“This is the real vulnerability,” said Guri. “It’s what makes almost every computer today vulnerable to this type of attack.”
The feature of RealTek audio codec chips is truly dangerous, as it can not be easily fixed.
Security researchers also published a YouTube video which shows the Speake(a)r eavesdropping attack in work.
For more detailed and technical explanation of the Speake(a)r attack, you can head on to the research paper [PDF] titled “Speake(a)r: Turn Speakers to Microphones for Fun and Profit.”