Researchers presented a novel technique that attackers can use to eavesdrop on conversations taking place at a distance, for example, in another room or even building. The method uses the power fluctuations of a LED indicator of a speaker to decipher them into human speech.
The academics behind the study, which was published this week, called it the “Glowworm attack.”
Academics described the method as “an optical TEMPEST attack that can be used by eavesdroppers to recover sound by analysing optical measurements obtained via an electro-optical sensor directed at the power indicator LED of various devices.”
This procedure works by taking advantage of the power supply of the device. Researchers could generate speech from the optical measurements obtained by directing an electro-optical sensor at the device’s power indicator LED that flickered as it was producing sound.
TEMPEST is the codename for such unintentional intelligence-based emanations by electromechanical equipment.
The concept of Glowworm is similar to that of Lamphone attack, which was presented by the same group of researchers in 2020. It allows the recovery of sound from a room containing an overhead hanging bulb.
While both methods retrieve sound from light via an electro-optical sensor, they are also different.
The Lamphone attack “is a side-channel attack that exploits a light bulb’s miniscule vibrations, which are the result of sound waves hitting the bulb.”
Glowworm is a “TEMPEST attack that exploits the way that electrical circuits were designed. It can recover sound from devices like USB hub splitters that do not move in response to the acoustic information played by the speakers.” The attack hinges on the link between the sound that’s played by a connected speaker and the intensity of the power indicator LED which is influenced by the power consumption. Power consumption fluctuations occur when the speakers produce sound.
A hypothetical threat actor can reconstruct the speech generated by the participants of a virtual meeting platform such as Google Meet or Microsoft Teams. The malicious party can hide in an adjacent building. The power indicator’s fluctuations can be translated to speech and allow the adversary to hear the sound coming out of the speakers.
To mitigate this type of attack, researchers recommend device manufacturers incorporating a capacitor or an operational amplifier to eliminate such power consumption fluctuations.
