Trojan Speake(a)r turns connected to Mac and PC headphones microphone for remote recording of conversations
Researchers from the University named after Ben Gurion University in Israel have developed malware, which can be almost any computer with a connected headset to turn into a listening device. Writes Nplus1, the program uses the built-in automatic detection of connected devices in audiochip Realtek.
There are several ways to monitor the computer users. They vary in complexity, but in the vast majority of cases in common — these methods typically use a particular vulnerability in the operating system and the electronic components of the computer.
A new malware, developed by Israeli researchers, uses the built-in function common audiochip Realtek, through which is implemented on computers playback and sound recording. Modern such chips usually have wiring on two mini-jack connectors for headphones and microphone, or a single multi-connector mini-jack for connection of headset, headphones or microphone.
When connecting a device, the audio chip can automatically detect it and depending on it to reassign the connector. For example, if you connect a microphone into the headphone Jack, the connector can be reassigned is not for playing and recording sounds. This feature can be disabled programmatically.
Malware Speake(a)r is able to reassign the connector with headphones connected, turning the latter into the microphones. A laboratory experiment was carried out with headphones company Sennheiser, which and software the researchers were able to make a clear record speech from a distance of six meters.
According to the researchers, their malicious code running on the computers with operating system Windows and macOS.