A recent study by researchers at Cambridge University (UK) and Linköping University (Sweden) concludes that Android device microphones can be used to pick up vibrations that occur when using the virtual keyboard on a phone or tablet, allowing hackers to ‘hear’ the user’s use of the device.
The area of the screen the user touched can be interpreted through sound waves that are recorded, as well as zones he touched and which keys he pressed. In this sense, hackers could use acoustic signals or sound waves produced when the user types on their phone keyboard to collect text messages, passwords, PINs and other private information. These attacks could occur if smartphone users downloaded a malware-infected application that would gain access to sensors on smartphones such as microphones, accelerometers, and gyroscopes.
The study was carried out with 45 participants in a real environment, and allowed to recover numerical codes, letters and words with a certain precision. The researchers deciphered seven of the 27 passwords on an Android smartphone and 19 of the 27 passwords on an Android tablet in 10 attempts, using an automatic learning algorithm that had classified each vibration.