Leaving headphones or earphones plugged in, or your PC speakers turned on, is now a security risk.
Hackers will try anything to gain access to your personal details and data in an attempt to profit from them. Any device attached to your PC should be viewed as a threat, and that now includes your speakers.
As Engadget reports, a team of researchers at Ben Gurion University in Israel created a proof-of-concept software hack that turns your computer speakers into a microphone. In so doing, a user is completely oblivious to the fact they are being listened to and possibly recorded. It also works with any headphones or earphones plugged into a PC.
Here’s the software in action:
Many of the motherboards fitted inside PCs today ship with on-board audio provided by Realtek. And it’s here that the problem exists. The researchers managed to hijack the Realtek software that manages audio.
In so doing, they could remotely switch the speaker and microphone jacks, so the speaker connection becomes a two-way connection allowing audio to be heard through them.
That may sound ridiculous, but the design of speakers and microphones are basically the same. As the video below demonstrates, all you have to do is plug your speakers/headphones/earphones into the microphone jack and start recording.
The software is called SPEAKE(a)R, and thankfully it hasn’t been made available by the research team, it’s just a test to prove a theory. But now it has been proven, others will attempt to implement it as a real piece of malware that can infect a PC. Realtek needs to respond with a fix before that happens.