Glowworm: A Technique Of Attack Making Use Of Led To Recover Sound

Glowworm: A Technique Of Attack Making Use Of Led To Recover Sound

Security research experts have invented an attack technique. This technique, also called the optical TEMPEST attack, makes use of optical emissions of a LED on a machine. This technique has the ability of sound recovery from an external device that is connected. This can also be used for spying on electronic communications. This technique has an attack radius of 15-35 meters, the pick-up quality can be varied.

Attack Details

A group of scholars from the Ben-Gurion University revealed the details pertaining to the attack.

  • Researchers claim, about 50% of the analyzed devices were exposed to the attack. The analyzed devices include devices from JBL, Google, Creative, Sony, Miracase, TP-Link, Logitech, and Raspberry Pi.
  • The attack style of Glowworm is quite similar to Lamphone. Lamphone permitted sound recovery from a target’s room having a light source. The presentation of Lamphone was made by the same group of experts a year back.
  • Both of these attacks use light to get sounds via sensors. They have a few differences though. Lamphone uses the micro-vibrations of the light source while glowworm exploits the electrical circuit designs.

Eavesdropping Technique Details

The Glowworm attack is based on the direct proportional optical relationship between the sound produced by a connected speaker and the strength of its power indicator LED directly connected to the power line.

Reports suggest that the attacker can recover the sounds by analysis of the optical measurements. These measurements are obtained by aiming an electro-optical sensor at the power indicator LED of the target devices.

The quality of the equipment that is used during the attacks determines the quality of the recovered sounds.

If visual is not available on the power indicator LED from outside, the hacker can still manage to recover sounds from the power indicator LED of the device that is providing power to the speaker.

This attack can be used to target speech that is generated by individuals in virtual meetings such as Zoom or Google Meet using speakers with LEDs.

Solutions

Glowworm attacks seem very complicated. However, researchers have proposed a very simple fix for the issue. Just use black tape to cover the LED indicators. Device manufacturers can install an operational amplifier or a capacitor to dampen or remove the power consumption fluctuations which occur when sounds are played on the speakers.

By IEMA IEMLabs

IEMLabs is an ISO 27001:2013 and ISO 9001:2015 certified company, we are also a proud member of EC Council, NASSCOM, Data Security Council of India (DSCI), Indian Chamber of Commerce (ICC), U.S. Chamber of Commerce, and Confederation of Indian Industry (CII). The company was established in 2016 with a vision in mind to provide Cyber Security to the digital world and make them Hack Proof. The question is why are we suddenly talking about Cyber Security and all this stuff? With the development of technology, more and more companies are shifting their business to Digital World which is resulting in the increase in Cyber Crimes.

Leave a comment

Your email address will not be published.

This site is under maintenance,
some features might not work!!!