Friday, April 19, 2024

Lamphone – New Attacks Let Hackers Remotely Listen to Your Conversation While You Speak by Watching Light Bulb

Researchers uncovered a new type of attack named “Lamphone” let hackers spy and listen your private conversation by watching light bubs.

Nowadays, hackers are improving their methods at an increasing rate, and as a result, now they started the method of eavesdropping. Well, you might be thinking about how do they do it? Is it possible? 

Well, it is possible just with the help of a small bulb. You can spy on any secret conversations that are happening in a place or room from a nearby isolated location just by perceiving a light bulb hanging in there—visible from a window and estimating the volume of light it transmits.

Recently, a cybersecurity researcher team has discovered and illustrated a novel side-channel attacking method that can be utilized by eavesdroppers to collect full sound from a victim’s room that holds an overhead hanging bulb. 

One of the security researchers, from Israeli’s Ben-Gurion University of the Negev and the Weizmann Institute of Science, reported a new system for long-distance eavesdropping, which was named as “Lamphone.”

In this method, it enables anyone with a laptop and less than a thousand dollars of stuff, like a telescope and a $400 electro-optical sensor, will serve the threat actors to listen any sounds in a room that’s hundreds of meters away in real-time, just by observing the vibrations that are produced on the glass surface of a light bulb present inside the room.

How ‘Lamphone’ Attack Work?

The Lamphone is a new type of attack that occurs in remote areas. Well, in this type of attack, it connects on identifying vibrations from hanging bulbs as an effect of air pressure variations. 

When the vacillations hit their surfaces, these sound waves transpire and simply trigger hall to the attacker to collect the fragments of the on-going conversations. According to the security experts, this method could only be applied when the victim is inside the room or any office.

Well, to operate this method, the setup needs a telescope as it provides a close-up view of the room, holding the bulb from a distance. It also needs an electro-optical sensor that’s installed on the telescope to transform the light into an electrical current.

Moreover, it requires an analog-to-digital converter to convert the sensor output to a digital signal, and more importantly, a laptop that will carry out the incoming optical signals and output the collected sound data.

Demonstration of Lamphone Attack

The security experts demonstrated the Lamphone attack by showing a proper video explanation, that we have mentioned below to make the viewers understand clearly about the Lamphone attack:-

Here, the security experts have taken a statement made by the US President, Donald Trump, “We will make America great again.” Anyone can easily copy this speech of the President via Google’s Speech to Text API.

Moreover, the experts have also generated the audio of the Beatles’ “Let It Be” and Coldplay’s “Clocks,” which are remarkably clear and smooth, as anyone can quickly identify the song.

Here in this event, to recover the collected sound from the visual measures acquired from the vibrations of a light bulb and caught by the electro-optical sensor, the security researchers create an algorithm to obtain the sound via bulb.

Though the Lamphone attack could allow some new spying methods to hackers, but this type of method could be prevented quite easily. Here, to do so, all you have to do is to switch off the lights, so there are no visible changes in light to operate along with the acoustic vibrations, even you can also remove the bulbs as well. 

You must be known to the fact that this whole operation revolves around the outcome of the light bulb. In short, it’s not so critical, but we should always stay aware of these types of threats, as, with each passing day, hackers and their methods are constantly evolving.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Also Read:

VLC Vulnerability Let Remote Hackers to Execute Arbitrary Code with User Privilege

Ripple20 – 19 zero-day vulnerabilities Affects Billions of IoT Devices


Latest articles

Alert! Windows LPE Zero-day Exploit Advertised on Hacker Forums

A new zero-day Local Privilege Escalation (LPE) exploit has been put up for sale...

Palo Alto ZeroDay Exploited in The Wild Following PoC Release

Palo Alto Networks has disclosed a critical vulnerability within its PAN-OS operating system, identified...

FIN7 Hackers Attacking IT Employees Of Automotive Industry

IT employees in the automotive industry are often targeted by hackers because they have...

Russian APT44 – The Most Notorious Cyber Sabotage Group Globally

As Russia's invasion of Ukraine enters its third year, the formidable Sandworm (aka FROZENBARENTS,...

SoumniBot Exploiting Android Manifest Flaws to Evade Detection

A new banker, SoumniBot, has recently been identified. It targets Korean users and is...

LeSlipFrancais Data Breach: Customers’ Personal Information Exposed

LeSlipFrancais, the renowned French underwear brand, has confirmed a data breach impacting its customer...

Cisco Hypershield: AI-Powered Hyper-Distributed Security for Data Center

Cisco has unveiled its latest innovation, Cisco Hypershield, marking a milestone in cybersecurity.This groundbreaking...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.


Mastering WAAP/WAF ROI Analysis

As the importance of compliance and safeguarding critical websites and APIs grows, Web Application and API Protection (WAAP) solutions play an integral role.
Key takeaways include:

  • Pricing models
  • Cost Estimation
  • ROI Calculation

Related Articles