Dec 30 2022

EarSpy – A New Attack on Android Devices Use Motion Sensors to Steal Sensitive Data

Category: Cyber Attack,Smart PhoneDISC @ 10:17 am

There has been a new eavesdropping attack developed by a team of security experts for Android devices which has been dubbed “EarSpy.” With the help of this attack, attackers can detect the following things:-

  • Caller’s gender
  • Caller’s identity to various degrees
  • Speech content

As part of its exploratory purpose, EarSpy aims to capture motion sensor data readings generated by the reverberations from the ear speaker in mobile devices in order to create new methods of eavesdropping.

Universities Involved in this Project

Cybersecurity researchers from five American universities have undertaken this academic project called EarSpy. These are all the names of the universities that are affiliated with this project:-

  • Texas A&M University 
  • New Jersey Institute of Technology
  • Temple University
  • University of Dayton
  • Rutgers University

Evolution of Smartphone Tech

Smartphone loudspeakers have been explored as a potential target for such attacks. As a result of this, the ear speakers are incapable of generating enough vibration to allow eavesdropping to be executed properly for the side-channel attack.

While the audio quality and vibrations of modern smartphones have improved greatly as a result of more powerful stereo speakers.

Even the tiniest resonance from a speaker can be measured by a modern device because it has more sensitive motion sensors and gyroscopes.

It is remarkable how little data is recorded on the spectrogram from the earphones of a 2016 OnePlus 3T, while a stereo ear speaker on the 2019 OnePlus 7T produces a significant amount of information.

As part of their experiments, the researchers used a OnePlus 7T device as well as a OnePlus 9 device. Both of these devices were used by the researchers to play pre-recorded audio through their ear speakers only using a variety of pre-recorded audio sets.

Although the results of the tests varied according to the dataset and device, they indicated that eavesdropping via ear speakers can be accomplished successfully.

To Check more on Detection Performance & Recommendation:

Based on the features in the time/frequency domain of the ML algorithm, the detection performance for the OnePlus 7T device has been tested, and here below we have mentioned the output chart:- 

EarSpy Android


Infosec books | InfoSec tools | InfoSec services


Tags: Android, Steal Sensitive Data


Apr 14 2022

Android Tips and Tricks for Getting the Most from Your Phone

Category: Mobile SecurityDISC @ 3:57 pm

Gone are the days when phones were only used to make phone calls and send text messages; nowadays, smartphones are more akin to a pocket-sized version of a high-functioning microcomputer that can perform a wide range of functions aside from communications. Android phones are essentially a sub-category of smartphones with installed Android operating systems, allowing their features to function effectively. Today, virtually everybody owns a smartphone, especially the prevalent android versions. More advanced versions of these phones are released yearly with newer innovations and improved operating systems to enhance user experience. It’s simply a cutting-edge technology that we can’t get enough of.

Nowadays, Android phones are quickly becoming a must-have gadget because they are used to perform virtually all everyday functions, from communication, advertising, and marketing to entertainment. They also serve as a means of accessing information through social media and can be used for a wide variety of other functions like taking high-quality pictures, watching movies, typing documents, etc.

Overall, technology has truly revolutionized our daily lives, and the introduction of smartphones made it easier and faster for us to access information and communicate with greater ease. However, aside from the numerous conventional functions that we use our android phones for, there is a long list of hidden features, tricks, shortcuts, and quick hacks that you can take advantage of with your Android phone. 

In this article, we will discuss some of the Android tips and tricks for getting the most from your phone.

Table of Contents

Protect your Android Phone with Security Apps: Anti-Theft Alarm app, Records the phone’s location and captures a picture with a front camera

👇 Please Follow our LI page…


DISC InfoSec

#InfoSecTools and #InfoSectraining

#InfoSecLatestTitles

#InfoSecServices

Tags: Android


Feb 05 2013

Is biometric authentication a new standard for Smartphone’s

Category: Smart PhoneDISC @ 5:07 pm

biometric authentication

Biometric device rely on measurement of biological characteristic of an individual such as fingerprinting, hand geometry, voice recognition and Eris pattern. In this post we will discuss if biometric authorization is going to become a standard technology in the future especially the Finger Print technology which matches with loops and whorls of the finger and compare with the stored data template of an individual and when match is found, access is granted.

Issues surrounding biometric authentication

Significant issues when considering biometric technology is counterfeiting, data storage, user acceptance and reliability. The most significant issue of this technology is the integration with existing infrastructure, more specifically integration with network access software. Continue reading “Is biometric authentication a new standard for Smartphone’s”




Tags: Android, Apple, AuthenTec, Biometrics, Fingerprint, Fujitsu, iPhone, Japan


Nov 01 2012

10 reasons to ponder before using your smartphone for banking

Category: Smart PhoneDISC @ 11:55 am


 

Mobile Payment Security

01) There is no clear legislation that sets out your rights to receive a refund if your bank account is fraudulently emptied due to mobile bank app insecurity. The burden of proof seems to be on the user to protect their handset, operating system, software, mobile operator infrastructure and everything else in the “chain” of the transaction.

02) Of course you want to be able to use WiFi hotspots, this means you are in most cases operating on an insecure wireless network. It’s so easy for “bad guys” to sniff the air with a free utility and read your details.

03) Most users have not even set up a basic passcode on their devices (smartphones). Therefore if some gets access to the device, they have potentially access to their bank account.

04)  Most app stores do not test the security of apps. It is very easy for the “bad guys” to put Malware in the apps that can steal information from your device or other apps on your phone/device (e.g. banking app). Or it can happen when the app updates.

05) Most Smartphone device users have not installed security software on their device. Therefore they have less security than comparing to a laptop or PC with security software installed.

06) The average Smartphone users does not regularly perform OS (Operating System) updates. Many of these updates are critical security patches.

07) Due to performance issues, many of the lower cost handset manufacturers are disabling security features in order to improve performance of the device.

08) Malware on the Android platform smartphone alone has gone up over 400% in the last year

09) The technology that keeps apps separate on device does not separate them out into private sandboxes. This means that one app can read the details stored in another app without much difficulty.

10) ) If you check the T&C’s (terms and conditions) from  local  banking app and they may  want you to grant permission for the app to know your phone location (GeoIP).




Tags: Android, Geolocation, Malware, Operating system, Personal computer, Security, Smartphone, Wi-Fi


Jan 03 2011

New virus threatens phones using Android

Category: MalwareDISC @ 5:39 pm
it's real :)
Image via Wikipedia

Mobile Malware Attacks and Defense

WASHINGTON (AFP) – A virus infecting mobile phones using Google’s Android operating system has emerged in China that can allow a hacker to gain access to personal data, US security experts said.

A report this week from Lookout Mobile Security said the new Trojan affecting Android devices has been dubbed “Geinimi” and “can compromise a significant amount of personal data on a user?s phone and send it to remote servers.”

The firm called the virus “the most sophisticated Android malware we’ve seen to date.”

“Once the malware is installed on a user’s phone, it has the potential to receive commands from a remote server that allow the owner of that server to control the phone,” Lookout said.

“Geinimi’s author(s) have raised the sophistication bar significantly over and above previously observed Android malware by employing techniques to obfuscate its activities.”

The motive for the virus was not clear, accoring the Lookout, which added that this could be used for anything from “a malicious ad-network to an attempt to create an Android botnet.”

But the company said the only users likely to be affected are those downloading Android apps from China.

The infected apps included repackaged versions sold in China of Monkey Jump 2, Sex Positions, President vs. Aliens, City Defense and Baseball Superstars 2010.

“It is important to remember that even though there are instances of the games repackaged with the Trojan, the original versions available in the official Google Android Market have not been affected,” the security firm said.

Mobile Malware Attacks and Defense




Tags: Android, china, Google, Malware, mobile phone, Security, Servers, Trojan horse