Savvy threat actors can recover conversations using lightbulbs

Lightbulb eavesdropping doesn’t even require a smart bulb

Researchers at the Ben-Gurion University of the Negev and the Weizmann Institute of Science have successfully demonstrated it’s possible to track and recover conversations by closely observing lightbulbs. This new eavesdropping technique, which a research group dubbed Lamphone, records slight frequency variations in a lightbulb to recover speech, conversations and songs played within a particular room.

Advertisement - Article continues below

During the experiments, researchers found by using a remote electro-optical sensor to analyze a lightbulb's frequency response to sound, they could recover speech and music. The recovered speech was then accurately transcribed by Google's Speech to Text API while Shazam was able to recognize the singing clips. 

The team recovered sounds from 82 feet away using equipment such as a bigger telescope or 24/32 bit analog-to-digital convertor. Researchers say this range can be extended even further.

While analyzing the side effects of sound waves on nearby objects is concerning, researchers claim “they are limited in one of the following ways: they (1) cannot be applied in real time (e.g., Visual Microphone), (2) are not external, requiring the attacker to compromise a device with malware (e.g., Gyrophone), or (3) are not passive, requiring the attacker to direct a laser beam at an object (e.g., laser microphone).”

Advertisement - Article continues below

This isn’t the first time lightbulbs have encroached on users’ privacy. In February, a vulnerability in Philips smart lightbulbs allowed threat actors to access targeted Wi-Fi networks. Tracked as CVE-2020-6007, the vulnerability enabled malicious actors to infiltrate a home or office's computer network over the air to spread ransomware or spyware. A similar vulnerability impacted LIFX smart bulbs in the same month.

Advertisement - Article continues below

There are ways to protect your smart lightbulbs from malicious threat actors, according to Cyware. Cyware recommends using decorative lampshades and curtains to protect lightbulbs. The site also suggests using low-transmittance window glass to prevent intruders from seeing inside of rooms of a home or office.

For smart bulb users, it’s important to keep lightbulbs up to date too. To keep such lightbulbs secure, users should ensure that the bulbs have been patched with the latest security updates released by the lightbulb’s manufacturer.

Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now


ethical hacking

Mobile banking apps are exposing user data to attackers

26 Jun 2020

Most malware came through HTTPS connections in Q1 2020

25 Jun 2020

Phishing attacks target unsuspecting Wells Fargo customers

24 Jun 2020

Trump administration wants to enhance the security of .gov sites

24 Jun 2020

Most Popular

Business operations

Nvidia overtakes Intel as most valuable US chipmaker

9 Jul 2020

How to find RAM speed, size and type

24 Jun 2020

Is it time to put Intel Outside?

10 Jul 2020