Security News > 2021 > August > ‘Glowworm’ Attack Turns Power Light Flickers into Audio

Virtual meetings are vulnerable to a new, exotic attack called Glowworm, which measures an audio output device's LED power light changes and converts them to audio reproductions - allowing cyberattackers to listen to sensitive conversations.

As an increasing amount of business is being conducted over platforms like Microsoft Teams, Zoom, Skype and others, the findings present an entirely new attack vector for such electronic communications.

A team of researchers at Ben-Gurion University have published a paper on the Glowworm vector, which is technically known as a Telecommunications Electronics Material Protected from Emanating Spurious Transmissions attack - the U.S. National Security Agency designation for unintentional digital signals which can be picked up and used to compromise data security.

"Our experiments show that many products of various manufacturers are vulnerable to the Glowworm attack," the team explained.

The researchers demonstrated how a Glowworm attack might work by pointing a telescope with an electro-optical sensor from 35 meters away at speakers connected to laptop.

Worried about where the next attack is coming from? We've got your back.

News URL

https://threatpost.com/glowworm-attack-light-flickers-audio/168501/