Our smartphones are capable of detecting ultrasonic waves, and this has become a great way for cybercriminals to target smartphones. Every day, researchers are exploring certain possibilities to influence gadgets and devices, in this case we are not dealing with direct hacking of the phone, but rather an impact that can lead to unpleasant consequences. So far, this method has been disclosed only by a group of positive-minded people, but it is possible that in the future those who wish to harm society will also resort to such methods to influence users' smartphones.
How to hack a smartphone with ultrasound?
The potential impact was uncovered by researchers at Washington University. With the help of ultrasonic waves, they learned how to activate voice assistants and give them various commands that are inaudible to human hearing. We are talking in this case about Google Assistant and Siri, but this 'hack' applies to all other assistants that are able to recognize commands. And, as you guessed, the more the number of commands, the higher the chance that the device can be influenced in any way.
In the video below, you can evaluate the possibilities of ultrasonic exposure to the device:
As you can see, using ultrasound, you can influence the camera of a smartphone. In this way, the researchers managed to endlessly photograph the space around the phone. Perhaps, using the voice assistant, the captured images can be sent to the attacker's number. In this case, this is a serious challenge.
In the experiment, ultrasonic waves were transmitted over the table surface. They are capable of being transferred when it comes to surfaces made of wood, glass and metal. A similar hack works with plastic surfaces, but is not as effective.
Hacking a smartphone with ultrasonic waves
The researchers used a piezoelectric sensor at the bottom of a table that held smartphones. A generator of sound waves was also located nearby to create the necessary signals. 17 smartphones were tested and in the case of 15 of them this method of exposure turned out to be working.
To be more precise, the list of devices included smartphones of the Google Pixel line, devices Motorola, Samsung Galaxy S7 and Galaxy S9, Xiaomi Mi 5, Mi 8, Mi 8 Lite, as well as phones from Apple. The hack did not work with the Galaxy Note 10 Plus and Huawei Mate 9. And the reason for this is most likely the too rounded surface of the rear roof of smartphones.
How to avoid becoming a victim of an ultrasound attack?
It is necessary to abandon the use of thick protective cases, and it is also better to abandon the function of activating the voice assistant in a locked state. Google Assistant allows you to turn off the ability to display personal information using voice commands if the device is not unlocked.
Vulnerabilities Android
We are still not immune from external threats
Of course, it is unlikely that in practice you will encounter a situation where, after placing the device on a surface, someone can act on it using ultrasound. This information will be useful rather for general development, in order to understand what hackers are capable of. However, I repeat, in practice this method of obtaining user data is not efficient.
It is much more efficient to hack a WhatsApp account using a video with a built-in virus, as was done in the case of Chapter Amazon by Jeff Bezos. And in 2016, hackers managed to hack the Google Pixel and get $ 120,000 for it.
Hackers are the new threat to humanity
We want to warn our readers against this. You should not resort to attempts to break into something, because this will entail criminal liability. Information is the most important wealth today. And hackers will become more and more popular precisely because of this. We can, of course, say that obtaining personal data of a person using ultrasonic waves is an extremely rare scenario, but the very possibility of this can sooner or later lead to unpleasant situations. Therefore, hackers, of course, are a threat to society today, and we need to take all measures to protect ourselves.
Your opinion on this matter is also interesting. Do you think smartphones are not secure enough today? For example, only in Android 11 Google will make the use of Scoped Storage a prerequisite for publishing an application on Google Play, but surprisingly, before that, any application that accessed the file storage could steal data from any applications, and, including, we are talking about applications of social networks. Share your opinion in the comments and join our Telegram chat.