Hackers can turn your speaker into cyber-weapon, produce 'deafening noises'
In a rather weird case, cybersecurity researchers have claimed that your speaker can be turned into a low-grade, albeit dangerous, cyber-weapon. They recently conducted a study and found that hackers can easily hijack dedicated and embedded speakers to produce 'deafening sounds' capable of causing physical harm to a person. Here's all about the hack and possible attack.
Turning speakers into low-grade cyber-weapons
Matt Wixey, a security researcher at technology firm PwC UK, wanted to see how malware could be used to cause physical harm in the real world. The idea sounds insane, but Wixey took the right approach towards it. He explored the possibility of hacking speakers to produce sounds that could not only disrupt large organizations or harass people but also damage their hearing.
In test, the viruses worked as he expected
After writing custom viruses and other exploits for hacking speakers, Wixey tested them on audio-enabled devices, including laptops, mobile phones, headphones, various kind of speakers, and a PA system. The experiment, conducted as part of his PhD work, revealed that the malware could easily gain control of the devices and manipulate their volume to produce low/high-frequency sounds for incredibly long periods.
Known loopholes leveraged through remote, physical access
"Some attacks leveraged known vulnerabilities in a particular device, which could be done locally or remotely in some cases," Wixey told BBC, adding that "other attacks would either required proximity to the device (hacks through Wi-Fi or Bluetooth networks), or physical access to it."
And, apparently, the devices did nothing to block attacks
On the basis of the experiments, Wixey emphasized that such a hack could be used to disorient a person, harm their hearing, or cause problems like tinnitus or psychological imbalance. He noted sustained levels of weaponized noises could prove fatal and that the devices didn't do much to block these kinds of attacks and prevent themselves from being turned into 'offensive' cyber-weapons.
So, what to do now?
Though current speakers and laptops may not be strong enough to beat hacking attempts, Wixey has started talks with device manufacturers to develop safety defenses. The idea is to inform manufacturers about the issue and help them develop systems that can act, in case someone attempts to hack a dedicated and embedded speaker and produce unimpeded deafening sounds.
