- Attackers can send commands to phones to make calls, take images, or read the contents of the victims’ text messages.
- Ultrasonic waves can pass through solid surfaces, allowing attackers to perform a remote attack within a small radius.
Researchers found a security loophole in smartphone voice recognition systems due to which ultrasonic waves (inaudible to humans) can activate Siri and Google Assistant.
What happened? According to research from Washington University in St. Louis, ultrasonic waves can propagate through solid surfaces to activate voice recognition systems in cell phones.
- Furthermore, with the addition of some cheap hardware, an attacker can initiate the attack to eavesdrop on the phone’s response.
- The attacker can send commands to phones to make calls, take images, or read the contents of texts from strangers—all without the phone owner’s awareness.
About the research: Humans can’t hear it but ultrasonic sound waves can be picked up by microphones. As per Zhang, if one knows how to work with signals, they can get the phone to interpret the incoming sound waves, assuming that one is giving a command.
- The research team set up a host of experiments on 17 different phone models including the iPhone, Galaxy, and Moto models.
- To test the ability of ultrasonic waves to transmit commands through solid surfaces, the researchers set up a couple of experiments that involved a phone placed on a table.
- Then they attached a microphone and a piezoelectric transducer (PZT) that converts electricity to ultrasonic waves, to the bottom of the table. To pass their commands, the researchers also hid a waveform generator under the table.
- The researchers first asked the virtual assistant to turn the phone volume down to level 3 which would be nearly inaudible to a victim in an office-like environment.
- Then, the team ran two tests: to retrieve an SMS (text) passcode and to make a fake call.
- For the first test, the researchers sent a “read my messages” command from an attack device, to read a simulated bank pass code message sent to the target phone.
- The response was audible to a hidden microphone placed by the researchers, but not to the victim.
- In the second test, the attack device sent a command “call Sam with speakerphone.” The attacker could actually converse with “Sam,” once again using the hidden microphone placed under the table.
Ultrasonic waves made it through metal, glass, and wood during the experiments. Researchers also tested different table surfaces and phone configurations, even at distances as far as 30 feet. Ultrasonic wave attacks also worked on plastic tables, but not as reliably.