"OK Google": How a hacker can surf into your phone silently
A "SurfingAttack"
Cellphones are our constant companions -- they go with us where we travel, work and sleep. But these trusty sidekicks may be selling out secrets by communicating with nefarious devices using soundwaves too high for us to hear. While previous research has demonstrated how such a one-off attack might be done through the air to secretly access our mobile devices, a new study has now demonstrated a way this can be done across different table surfaces to enact multiple, nefarious commands.
This kind of attack would be able to access your text messages and make fake calls all without you even noticing.
This new kind of attack is called a "SurfingAttack" and is described in a study presented Thursday at the Network and Distributed System Security Symposium in San Diego. The authors write in the study that the name takes its cue from the way the ultrasonic waves used in the attack "surf" across a table's surface.
These ultrasonic waves, called Lamb waves, are designed to be delivered in a frequency range of 20 to 40 kHz and can use previously established methods to mimic voice patterns of a potential target in order to access voice printed devices. To put that frequency in context, a human's average hearing range is only between 2 Hz and 20 kHz, putting this signal just out of range.
The researchers say that the attack is as simple as encoding short messages like "OK Google" or "read messages" into these indecipherable waves and sending them through surfaces to a nearby phone.
"The SurfingAttack uses ultrasound waves to secretly activate the voice assistants of your smartphones placed on the table, read your private messages, extract your 2-factor authentication passcodes, or even call your friends using 'your voice,'" co-author and assistant professor of computer science at Michigan State University, Qiben Yan, tells Inverse. "It could enable a powerful telecommunications fraud: the attacker uses the victims’ smartphone to call their acquaintances. Surfing Attackers could interact with the victims’ voice assistants in multiple rounds to steal financial information, trade secret.
This SurfingAttack was tested on 17 phones, four different surface types and took primarily two forms: first, having the target phone read a sensitive text message aloud, and second, having the device make a fraudulent phone call.
In these experiments, a waveform generator was placed on the table to encode different messages into ultrasonic waves and a recording device was placed under the experimental table's surface to record the target phones' responses. In order to avoid being found out by their target, the researchers first sent signals to the phones to turn down their volume such that the recorder could hear the responses but the human target could not.
The researchers found that their attack was successful in 15 out of 17 phones they tried, on 3 out of 4 surfaces and at a distance as far as 30 feet. As for the phones that were not successful, a Samsung Galaxy Note 10+ and Huawei Mate 9, the authors write that both had curved backs and or screens, which may be disrupted how the signal carried. The researchers also found that plastic appeared to be a harder surface for the wave to travel through but that wood, metal, and glass were a piece of cake.
When it comes to illuminating these design flaws, lead author and assistant professor of computer science and engineering at Washington University in St. Louis, Ning Zhang, said in a statement that he hopes these results will help alert users to the risks not only from distant, digital hackers but from nearby physical hacks as well.
"We want to raise awareness of such a threat," said Zhang."I feel like not enough attention is being given to the physics of our computing systems. This is going to be one of the keys in understanding attacks that propagate between these two worlds."
As for deterring an attack like this, the authors write there are a few options. Users can disable voice activation for their lock screens, or go into settings and limit the amount of information that can be accessed through a locked screen.
"[K]eep an eye on your devices placed on tabletops; reduce the touching surface area of your phones with the table; use thicker phone cases made of uncommon materials such as wood; disable your Voice Assistants on lock screen and lock your device when you put it down," says Yan.
Or, more simply, just put the phone on a tablecloth. The authors write that the woven pattern of the material proved effective at blocking the signal of their SurfingAttack during experimental trials.
Abstract: With recent advances in artificial intelligence and natural language processing, voice has become a primary method for human-computer interaction. It has enabled game-changing new technologies in both commercial sectors and military sectors, such as Siri, Alexa, Google Assistant, and voice-controlled naval warships. Recently, researchers have demonstrated that these voice assistant systems are susceptible to signal injection at the inaudible frequencies. To date, most of the existing works focus primarily on delivering a single command via line-of-sight ultrasound speaker or extending the range of this attack via speaker array. However, besides air, sound waves also propagate through other materials where vibration is possible. In this work, we aim to understand the characteristics of this new genre of attack in the context of different transmission media. Furthermore, by leveraging the unique properties of acoustic transmission in solid materials, we design a new attack called SurfingAttack that would enable multiple rounds of interactions between the voice-controlled device and the attacker over a longer distance and without the need to be in line-of-sight. By completing the interaction loop of inaudible sound attack, SurfingAttack enables new attack scenarios, such as hijacking a mobile Short Message Service (SMS) passcode, making ghost fraud calls without owners’ knowledge, etc. To accomplish SurfingAttack, we have solved several major challenges. First, the signal has been specially designed to allow omni-directional transmission for performing effective attacks over a solid medium. Second, the new attack enables multi-round interaction without alerting the legitimate user at the scene, which is challenging since the device is designed to interact with users in physical proximity rather than sensors. To mitigate this newly discovered threat, we also provide discussions and experimental results on potential countermeasures to defend against this new threat.
Article has been updated to include researcher comments.