A new method has been discovered that hackers can infiltrate smartphones


Researchers from the University of Washington have discovered a new penetration method that smart phone voice assistants will create on the surfaces of the phones.

Smartphones have long been one of the important components of our lives. Many of us spend most of the day on smartphones. When using smartphones so intensely, we should also consider the risks that they may pose. The first place in the list of risks to consider is the theft of data by hackers.

Researchers from the University of Washington have uncovered a new type of attack called Surfing Attack. It was announced that the name of the Surfing Attack method, which was announced at a conference held in the USA last week, came from the ultrasonic waves that allowed the attacks to take place by surfing the surface of the phones.

These ultrasonic waves, called Lamb Waves, are designed to be transmitted in the frequency range of 20 to 40 kHz. Since the hearing range of the human ear is in the range of 2 to 20 kHz, these waves are not heard by humans. However, these ultrasonic waves can be used to mimic sound models of a potential target to access voice-operated devices.

Researchers have proven that reading aloud jobs and messages with voice assistants can be transferred to other phones via these waves. The researchers tested their theses on 17 different phones and 4 different surfaces.

In experiments, an ultrasonic wave generator was placed on the table to encode different messages into ultrasonic waves. A recording device was placed under the surface to record the answers of the phone that will be the target of the attack. In order not to be detected by the targets, the researchers first sent signals to reduce the volume of the phones. While the answers on the phones with reduced voices were recorded in this way, people could not hear what was going on.

The researchers explained that their trials on 15 of the 17 phones used in the experiments and 3 of the 4 surfaces were successful up to a distance of 10 meters. During the experiments, the method failed only on Galaxy Note 10+ and Huawei Mate 9. The researchers explained that the curved designs of these phones played an important role in the failure of this attack.

Ning Zhang, one of the scientists who conducted the research at the University of Washington, said that the results of the research can only be aimed at warning against distant risks. Zhang explained that their main goal was to raise awareness of such attacks.

Researchers offer several options to avoid such attacks. The first is to disable voice activations on the lock screen. The second method is to have much less information on the lock screen. As a simpler method, it is suggested that the phone be left on a tablecloth. The weaving patterns of the tablecloths during the experiments caused the Surfing Attack to fail.