Source: This article was first published on https://cyware.com/news/glowworm-an-attack-technique-that-recovers-sound-via-led-36de103a
Source: This article was first published on https://cyware.com/news/glowworm-an-attack-technique-that-recovers-sound-via-led-36de103a
Security researchers have developed a new attack technique that uses optical emission from a LED of a device. This attack can recover sounds from any external connected device and spy on electronic conversations. This attack can be performed from a distance of 15–35 meters, varying the pick-up quality.
A team of academics from the Ben-Gurion University of the Negev divulged the details regarding this attack, also described as an optical TEMPEST attack.
Glowworm attack is based on the optical relationship between the sound that is produced by a connected speaker and the strength of its power indicator LED directly connected to the power line as they are directly proportional.
In a real-world situation, this attack could be used to target speech generated by participants in a virtual meeting platform such as Google Meet, Microsoft Teams, and Zoom using speakers with LED.
As complicated as the Glowworm attack sounds, researchers have suggested an easy and unconventional solution for users by applying black tape on LED indicators of devices. Further, device manufacturers can add a capacitor or operational amplifier to remove fluctuations of power consumption that happen when speakers play sounds.