Hackers can turn headphones into ‘acoustic weapons,’ cyber-security expert warns

Speakers on your phone, computer and other internet-connected devices could be hacked and used to wreak havoc on your eardrums, warns a new investigation.

A cyber-security expert claims to have conducted a malware test that found everyday items like headphones could be turned into “acoustic weapons”.

According to Wired, cyber-security research lead at the technology consulting firm PWC UK Matt Wixey demonstrated that everyday speakers can be infected with malware that makes them emit dangerously high or low frequencies.

Wixey told the publication: “We wondered if an attacker could develop malware or attacks to emit noise exceeding maximum permissible level guidelines, and therefore potentially cause adverse effects to users or people around.”

To test this theory he reportedly created malware that could be embedded remotely or physically into devices so they could be controlled by a hacker.

Blasting music at really high volumes is dangerous because it can cause conditions like tinnitus, psychological issues of even deafness.

Wixey said he conducted his experiment on several devices including a laptop, a smartphone, a Bluetooth speaker, a small speaker, a pair of over-ear headphones, a vehicle-mounted public address system, a vibration speaker, and a parametric speaker.

Once he had installed the malware on each device he said he put them in soundproof containers with sound level and temperature measures.

He found that the smart speaker, the headphones, and the parametric speaker could be forced to emit abnormally high frequencies and the Bluetooth speaker, noise-canceling headphones, and the same smart speaker could emit abnormally low frequencies.

He also observed that the components in the smart speaker started to melt four or five minutes into his malware attacks and were permanently damaged.

However, he informed the manufacturer of the problem and they are said to have fixed it.

Experiments conducted on the internet-connected smart speaker showed that it could be possible for remote attacks on acoustic devices without having physical access first.

It has also be noted that hacking people’s devices and making them emit frequencies could be used to track someone’s movements.

Wixey will not be releasing any of the malware used in the experiment and did not conduct tests on humans.

He told Wired: “There are a lot of ethical considerations and we want to minimize the risk.

“But the upshot of it is that the minority of the devices we tested could in theory be attacked and re-purposed as acoustic weapons.”

Source: Read Full Article