Savvy threat actors can recover conversations using lightbulbs

Lightbulb eavesdropping doesn’t even require a smart bulb

Researchers at the Ben-Gurion University of the Negev and the Weizmann Institute of Science have successfully demonstrated it’s possible to track and recover conversations by closely observing lightbulbs. This new eavesdropping technique, which a research group dubbed Lamphone, records slight frequency variations in a lightbulb to recover speech, conversations and songs played within a particular room.

During the experiments, researchers found by using a remote electro-optical sensor to analyze a lightbulb's frequency response to sound, they could recover speech and music. The recovered speech was then accurately transcribed by Google's Speech to Text API while Shazam was able to recognize the singing clips. 

The team recovered sounds from 82 feet away using equipment such as a bigger telescope or 24/32 bit analog-to-digital convertor. Researchers say this range can be extended even further.

While analyzing the side effects of sound waves on nearby objects is concerning, researchers claim “they are limited in one of the following ways: they (1) cannot be applied in real time (e.g., Visual Microphone), (2) are not external, requiring the attacker to compromise a device with malware (e.g., Gyrophone), or (3) are not passive, requiring the attacker to direct a laser beam at an object (e.g., laser microphone).”

This isn’t the first time lightbulbs have encroached on users’ privacy. In February, a vulnerability in Philips smart lightbulbs allowed threat actors to access targeted Wi-Fi networks. Tracked as CVE-2020-6007, the vulnerability enabled malicious actors to infiltrate a home or office's computer network over the air to spread ransomware or spyware. A similar vulnerability impacted LIFX smart bulbs in the same month.

There are ways to protect your smart lightbulbs from malicious threat actors, according to Cyware. Cyware recommends using decorative lampshades and curtains to protect lightbulbs. The site also suggests using low-transmittance window glass to prevent intruders from seeing inside of rooms of a home or office.

For smart bulb users, it’s important to keep lightbulbs up to date too. To keep such lightbulbs secure, users should ensure that the bulbs have been patched with the latest security updates released by the lightbulb’s manufacturer.

Featured Resources

Unlocking collaboration: Making software work better together

How to improve collaboration and agility with the right tech

Download now

Four steps to field service excellence

How to thrive in the experience economy

Download now

Six things a developer should know about Postgres

Why enterprises are choosing PostgreSQL

Download now

The path to CX excellence for B2B services

The four stages to thrive in the experience economy

Download now

Recommended

HackBoss malware is using Telegram to steal cryptocurrency from other hackers
cryptocurrencies

HackBoss malware is using Telegram to steal cryptocurrency from other hackers

16 Apr 2021
Russia launched over a million cyber attacks in three months
hacking

Russia launched over a million cyber attacks in three months

13 Apr 2021
Hackers leak data from dark web marketplace
cyber security

Hackers leak data from dark web marketplace

9 Apr 2021
Hackers are using fake messages to break into WhatsApp accounts
instant messaging (IM)

Hackers are using fake messages to break into WhatsApp accounts

8 Apr 2021

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
University of Hertfordshire's entire IT system offline after cyber attack
cyber attacks

University of Hertfordshire's entire IT system offline after cyber attack

15 Apr 2021
Xiaomi Redmi Note 10 Pro review: Champagne tastes on a lemonade budget
Mobile Phones

Xiaomi Redmi Note 10 Pro review: Champagne tastes on a lemonade budget

13 Apr 2021