Hackers Can Turn Smartphones Into Sonar Devices to Steal Data

A team of researchers from Lancaster University (UK) and Linköping University (Sweden) has demonstrated a new type of side-channel attack. The specialists managed to turn an ordinary smartphone into a hydroacoustic system capable of stealing confidential information based on the victim’s finger movements on the screen.

The researchers were able to determine the unlock pattern of an Android smartphone (Samsung S4) by using the principle of a hydroacoustic system: they generated sound waves and captured their reflections from surrounding objects. The framework developed by the team, called SonarSnoop, works by having the mobile device’s speakers emit sound, which is then reflected and picked up by the device’s own microphone.

According to the researchers, the speakers send out OFDM signals at a frequency of 18-20 kHz, which is inaudible to most people, so users generally do not notice any sound activity. If the objects reflecting the sound are stationary, the reflected sound waves return at the same time. However, the situation changes when fingers move across the screen.

“The received signals are converted into what’s called an echo profile matrix, which visualizes these changes (in the sound waves reflected from the fingers) and allows us to detect movement. By combining the movements detected by several microphones, we were able to determine when the user taps or swipes their finger,” the researchers explained.

What is OFDM?

OFDM (Orthogonal Frequency-Division Multiplexing) is a digital modulation scheme that uses a large number of closely spaced orthogonal subcarriers to transmit data.