Sound Waves from $5 Speakers can Hack Smartphones

Sound Waves from $5 Speakers can Hack Smartphones

A team of researchers has found out that sound waves when directed at smartphones at particular frequencies can enable the perpetrator to control the device.

In this age of technology and automation, smartphones have proven to be a double-edged sword. While developers add to the already huge list of functionalities of smartphones, malicious users devise new ways to gain access to them. Another new method has been discovered to attack and control a smartphone, although the discovery was made by a team of researchers. But the newest way to hack a smartphone is by sound waves.

A team of researchers at the University of Michigan has discovered that smartphones, when attacked by sound waves, can be manipulated. This is possible due to a piece of hardware inside most modern smartphones, which is a MEMS accelerometer. This is a chip that is supported by a few springs inside your smartphone and enables your smartphone to track your movement. It is also found in fitness bands like Fitbit.

When sound waves are directed at particular frequencies at these chips inside a smartphone, the chips move. It is exactly what happens when you walk with the smartphone in your hand or in your pocket. The team attacked 20 accelerometers from five different manufacturers to record the result. The method might seem a little technical, but the apparatus required is most ordinary. All the researchers used was a $5 speaker.

“You can think of it as a musical virus,” said Kevin Fu, author of the research paper. He explained the mechanism as being similar to how an opera singer can break a glass by striking the right note. While the opera singer gets the glass to break, the researchers were able to do something less physically damaging but more dangerous. They could manipulate the smartphone into playing videos on the phone or even control other apps. If there exists an app that can start a car using the accelerometers when the user shakes his phone, then this method of attack can let the attacker start the car.

Readers can breathe a sigh of relief, though, for this is only a proof of concept, with the chances of it being used in the near future fairly slim. But what it goes to show is that automation should be adopted with the utmost caution. Before we fill our homes and offices with technology like IoT, we need to ensure that such technology is as secure as possible. The discovery also goes to show that hardware components can be used to nefarious ends just as simply as the software that runs the smartphones we carry in our hands.