"New 'Glowworm Attack' Recovers Audio From Devices' Power LEDs"

Researchers at the Ben-Gurion University of the Negev have demonstrated a method for spying on electronic conversations. They released a new paper outlining a novel passive form of the TEMPEST attack called Glowworm. The Glowworm attack transforms minute fluctuations in the intensity of power LEDs on speakers and USB hubs back into the audio signals that created those fluctuations. The Cyber@BGU team analyzed various widely used consumer devices, including smart speakers, PC speakers, and USB hubs. They found that the devices' power indicator LEDs were commonly influenced perceptibly by audio signals fed via the attached speakers. The fluctuations in LED signal strength generally are not perceptible to the naked eye, but they are strong enough to be read with a photodiode coupled to an optical telescope. The power LED output's slight flickering, stemming from changes in voltage as the speakers consume electrical current, are transformed into an electrical signal by the photodiode. The electrical signal can then be passed through a simple Analog/Digital Converter (ADC) and played back directly. The idea is that a device's solidly lit LEDs will leak information regarding what it is doing. Novelty and passivity are the Glowworm attack's strongest features. As the method does not require active signaling, it would be immune to any electronic countermeasure sweep. This attack also does not require unexpected signal leakage or intrusion even while it is in active use. However, Glowworm does not interact with actual audio, only with a side effect of electronic devices that generate audio. A Glowworm attack, used to spy on a conference call, would not capture the audio of those present in the room. It would only capture the audio of remote participants whose voices are played via the conference room audio system. This article continues to discuss the new Glowworm attack that converts LED output into intelligible audio. 

Ars Technica reports "New 'Glowworm Attack' Recovers Audio From Devices' Power LEDs"

Submitted by Anonymous on