Saturday, July 13, 2024
EHA

‘Glowworm’ Attack Spy Conversations of Participants in Virtual Meeting Platforms

The analysts of the Ben-Gurion University of Negev in Israel have detected a very unique way to spy on electronic conversations. The main initiative of finding this unique method was the TEMPEST Glowworm attack.

According to the report, this attack was targeting the speech of participants in a virtual meeting platform. The threat actors of this attack measure an audio output device’s LED power light that generally turns and transforms them into audio reproductions.

However, doing this generally allows the threat actors to have all the delicate conversations and know all the data that were being discussed in the meeting.

A modern and passive approach 

According to the experts, the most active features of the Glowworm attack that makes it more powerful are its modernity and its passivity. 

However, the approach for this attack needs no current signaling, as it would be resistant to any sort of electronic countermeasure movement.

The attack has complete passivity and it differentiates it from comparable approaches like a laser microphone that can pick up audio from the fluctuations on a windowpane. The threat actors of Glowworm do not need any sudden signal leakage or any kind of intrusion.

It only requires “The Thing” well it was a Soviet gift to the US Ambassador in Moscow, and both needed “illumination” and that’s why it transmitted a clear signal while it was being illuminated. 

Defense of Glowworm

However, we know that Glowworm has the ability to spy on the conversation without revealing itself, the main thing in this attack is that Glowworm doesn’t communicate with the actual audio, as it only depends upon the side effect of electronic devices that were producing audio during the meeting.

Glowworm has no real risk as it does not capture the audio of the one those who were present in the meeting room, the threat actor generally depends upon the remote participants whose voices are impersonated over the conference room audio system.

Glowworm Probation

After investigating the attack, the analysts have demonstrated the whole Glowworm experiment, this attack may work by designating a telescope with an electro-optical sensor from 35 meters away and along with speakers which are generally equated to the laptop.

0

However, the team has successfully captured a statement that was being played on the speakers, and later it was rendered by Glowworm. 

Most of the business that was being conducted over platforms like Skype is more sensitive enough and it is also difficult to attract eavesdroppers supplied with telescopes.

Glowworm Attack Demonstration

Apart from this, the security experts have found a way to stop this attack, however, it’s a unique method that will help to expose all the data which were being discussed in the meeting room.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Website

Latest articles

mSpy Data Breach: Millions of Customers’ Data Exposed

mSpy, a widely used phone spyware application, has suffered a significant data breach, exposing...

Advance Auto Parts Cyber Attack: Over 2 Million Users Data Exposed

RALEIGH, NC—Advance Stores Company, Incorporated, a prominent commercial entity in the automotive industry, has...

Hackers Using ClickFix Social Engineering Tactics to Deploy Malware

Cybersecurity researchers at McAfee Labs have uncovered a sophisticated new method of malware delivery,...

Coyote Banking Trojan Attacking Windows Users To Steal Login Details

Hackers use Banking Trojans to steal sensitive financial information. These Trojans can also intercept...

Hackers Created 700+ Fake Domains to Sell Olympic Games Tickets

As the world eagerly anticipates the Olympic Games Paris 2024, a cybersecurity threat has...

Japanese Space Agency Spotted zero-day via Microsoft 365 Services

The Japan Aerospace Exploration Agency (JAXA) has revealed details of a cybersecurity incident that...

Top 10 Active Directory Management Tools – 2024

Active Directory Management Tools are essential for IT administrators to manage and secure Active...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles