A group of scientists from Cambridge (UK) and Linköping (Sweden) universities told about a new technique of hacking, which allows you to guess the password protecting smartphones and tablets with very high accuracy. The essence of the “acoustic” attack is to eavesdrop on the sound of fingers touching the touch screen.
Similarly, researchers have previously hacked into devices protected by a graphic pattern. First, a spyware application is installed on the target smartphone, with access to the microphones and dynamics, which turns it into an echo sounder. Similar detection systems are used, for example, on submarines, allowing them to be aware of the approach of ships and other objects under the surface of the water.
Further, when the victim enters a password, the program picks up the sound waves that are inaudible by the human ear, which occur when the fingers hit the screen. Then the machine learning algorithms come into play: determining which of the microphones was the first to hear the sound — and this can happen in a split second — the system tries to guess which part of the display the user could touch.
In one test, the system guessed a 4-digit PIN in 74% of cases after 10 attempts, writes Business Insider. In the other, for passwords consisting of 7–13 characters, the accuracy was 30% after 20 attempts. In addition to numbers, the system is able to guess individual letters and even whole words. The work of scientists can be found on the scientific archive site arXiv.org.
This trick, however, will be very difficult to turn in real life. The fact is that almost all modern operating systems block access to the microphone if the user has not given the application the appropriate permission.