Linux Security
    Linux Security
    Linux Security

    New Attack Lets Android Apps Capture Loudspeaker Data Without Any Permission

    Date 17 Jul 2019
    Category Hacks/Cracks
    2159
    Posted By Brittany Day
    Android Side Channel Attack

    Have you heard about Spearphone, a newly demonstrated attack that takes advantage of a hardware-based motion sensor, called an accelerometer, which comes built into most Android devices and can be unrestrictedly accessed by any app installed on a device even with zero permissions?

    Earlier this month, The Hacker News covered a story on research revealing how over 1300 Android apps are collecting sensitive data even when users have explicitly denied the required permissions.

    The research was primarily focused on how app developers abuse multiple ways around to collect location data, phone identifiers, and MAC addresses of their users by exploiting both covert and side channels.

    Now, a separate team of cybersecurity researchers has successfully demonstrated a new side-channel attack that could allow malicious apps to eavesdrop on the voice coming out of your smartphone's loudspeakers without requiring any device permission.

    The link for this article located at The Hacker News is no longer available.

    Advisories

    LinuxSecurity Poll

    No results found.

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.