A surprising discovery of the security flaw is the smartphone motion sensor embedded in their hardware.
Even if you are very careful about security when using phones and other devices, there are risks that you do not realize. Security researchers regularly find new threats that allow malicious agents to access a user's personal data.
An unexpected discovery of security holes from motion sensors in smartphones embedded in their hardware. These sensors are designed to detect when the phone is moving and in use. But they can be misused.
Security researchers have recently demonstrated a scary flaw in Android phones. This attack, called Spearphone, could collect data from speakers. Therefore, it has the ability to eavesdrop on conversations when the phone is placed nearby. It uses the accelerometer motion sensor, to measure acceleration, tilt or rotation of the device. Location apps like Google Maps use the accelerometer to determine your location.
Spearphone works by turning this component into a microphone. The accelerometer is placed on the same plane as the phone speaker, allowing it to capture echoes generated by the speech. When someone uses their phone in speaker activation mode or interacts with a smartphone assistant like Google Assistant , the accelerometer can record the echo of the voice. The attacker can then forward the logs to their server.
Through arXiv, researchers discovered the flaw that demonstrated how it works by creating a malicious Android application. They then tested the app on devices including LG G3, Samsung Galaxy S6 and Samsung Galaxy Note 4. It can record speech using the accelerometer, send audio recordings to. servers that researchers control. Then automatically analyze the record by machine learning software.
Using the data collected in this way, the researchers were able to determine the speaker's gender in 90% of cases and accurately identify the speaker 80% of the time.
According to a report by Trend Micro, a group of different security researchers have discovered two Android apps that do this. These are Currency Converter and BatterySaverMobi , which appear as useful tools to convert currencies and track your phone's battery. But in reality, they contain a banking malware called Anubis , which steals credit card data and online banking credentials.
These applications took advantage of motion sensors to evade detection. When security researchers search for malware, they often run tests on a virtual operating system stored on a computer. This means that the motion sensors do not sense any movement during the test, but when users install an application on their mobile phone, they usually hold their phone with them. Obviously, this creates a lot of movement that the sensor receives.
Malicious applications check for vibration using motion sensors. If motion is not detected, they understand that the application is being tested and do not deploy any malicious code. Therefore, security researchers will not find anything suspicious. But when a user installs an application and one of the above and starts moving around, it will turn on malware and may start stealing your data.
Another security issue you've probably heard of is browser fingerprinting. That's when data from your computer and browser is used to identify and track yourself. For example, it may work by viewing the different browser extensions you have installed and the fonts you use on your computer. This data can be used to build a unique picture of users and follow them on the Internet.
Both iOS and Android devices can face security risks from using motion sensors. Using a technique called SensorID, it can create fingerprints using the gyroscope and magnetometer sensor data from your phone. These sensors are calibrated in a unique way for each user, meaning they can rely on them to identify you. If apps or websites have access to a user's motion sensor, they can track when they use the Internet.
This technique works even when you take security precautions, such as using a VPN or using another browser. More frightening, it still exists after users perform a factory reset on the phone. The reason is that the calibration fingerprint of your motion sensor never changes. According to the researchers, this is a fast attack, taking less than 1 second to create fingerprints.
These attacks are very hard to counter. However, there are some steps you can take to protect yourself from the security risks of abusing motion sensors on your phone.
First, be careful when granting permission to an application. When you install a new app from Google Play , it asks the user for permission to use various functions on the phone. For example the camera application will require access to the mobile camera.
Many users agree to allow permissions without even realizing and this is at a very high risk of security risks. Next time you install a new app or game on your phone, check what permissions it requires. If it requires permission to use your phone's motion sensor, ask yourself what it needs that permission for. If there is no good reason for an application to need access to it, do not install it.
Secondly, if you are really worried about the motion sensor being abused to eavesdrop on your conversations, users can perform many direct actions such as adding anti-vibration material around the phone speakers to prevents the motion sensor from capturing the echo. Also, avoid leaving the phone on a flat, hard surface like a table when using the speaker. This will prevent the accelerometer from obtaining sound information.
To protect against fingerprint security risks, it is best to ensure the phone operating system is always up to date, as this issue has been resolved in operating systems such as iOS 12.2 . Google has also been aware of the problem and is working hard to update the Android system to protect users.
Always be vigilant and protect your information by using your smartphone intelligently. Hope this article will be helpful to help you use your phone safer and more secure!
Instructions to download the Black Unity wallpaper set on iPhone, The iPhone Black Unity wallpaper set will have the main color of the African Union (Pan-African) with the following colors:
Instructions for calling multiple people at the same time on Android, Did you know that, now Android phones allow users to make calls to multiple people (at night)
How to view history on Safari in 4 easy steps, Safari is a fast and secure web browser created by Apple. Although Safari is the default browser on Mac,
How to know someone blocked your phone number?, When someone blocked your phone number, there are several ways for you to know it. Let's learn the ways with WebTech360
How to fix iPhone error that does not show missed call notifications
How to customize the Share menu on iPhone or Mac, the Share Menu is a powerful feature on iOS and macOS. The article will show you how to customize this Share menu to make it useful
Instructions to add the lunar calendar to the iPhone screen, Today, WebTech360 will introduce to everyone 2 extremely simple and easy ways to add the lunar calendar to the screen.
Instructions for sending Memoji voice messages according to facial gestures on iPhone, Since iOS version 13 and above, and in models that support face recognition technology
Instructions to zoom in and out of the iPhone screen, Currently, iPhone also allows users to enlarge the screen of their phone with just a few clicks.
How to block repeated calls on iPhone, How to block continuous calls from a person on iPhone will help you block repeated calls continuously while in a meeting or busy work
How to turn off ads in MIUI 12, Are you annoyed with ads appearing on Xiaomi screen? Don't worry, here's how to turn off ads on Xiaomi MIUI 12.
Free Fire Max: How to use Mirroid presentation application to play games on PC, Normally, if you want to play a mobile game like Free Fire or Free Fire Max on PC then
Instructions for creating game Widgets on iOS 14, After the release of iOS 14 operating system, a lot of people love the feature of changing Widgets on the phone.
What is Google Smart Lock and how does it work?, What is Google Smart Lock and how to use it? Let WebTech360 find out all the information you need to know about
How to create a note widget on the iOS 14 screen with Sticky Widgets, Today WebTech360 will continue to introduce the steps to create a note widget on the screen
How to change featured photos on Photos widget in iOS 14, How to add featured photos on iPhone is quite simple and easy. If you don't know, let's learn how with WebTech360
Instructions for cloning applications on Oppo phones, Must be an Oppo phone user, you still don't know that this phone line still has this feature.
Transfer photos, large files extremely fast between iOS and Android with SnapDrop, SnapDrop is a utility to transfer image files and data extremely convenient and fast.
Instructions to draw pictures on Google maps on PC and smartphones, guide you to draw pictures on Google maps on computers and phones with My Maps.
Instructions for installing and using ZenUI Launcher, Let's learn how to install and use the ZenUI Launcher application - customize Asus' beautiful interface.
