The Hackr
nmap natgeo

Sound Waves Make it Possible to Hack Accelerometers

Scientists from University of Michigan and the University of South Carolina have found a way to attack accelerometers by using sound waves. This technique has allowed them to spoof accelerometer signals and feed devices and applications with fake data.

This new attack poses a serious security threat because most devices inherently trust all the data coming from accelerometers. And most devices don’t feature protection systems to detect spoofed signals coming from local sensors.

The flaw is found in more than half of the 20 commercial brands from five chip makers.

 

Sound waves induce fake motion into accelerometers

The principle behind this hack is simple. Accelerometers have a sensing mass that sits on a series of springs. By sending finely-tuned sound waves to the accelerometer, the sound waves induce controlled movement into sensing mass.

 

 

Furthermore, this action is recorded by the springs as a motion, even if the accelerometer and the rest of the device (where the accelerometer has been embedded in) stands still.

In recently released research paper, researchers showed how they used fake steps to a Fitbit fitness monitor. They played a “malicious” music file from the speaker of a smartphone to control the phone’s accelerometer.

That allowed them to interfere with software on the smartphone, like an app used to pilot a radio-controlled toy car.

By using previously prepared sound waves, researchers made the car move without interacting with the smartphone.

Similarly, they also used sound waves aimed at a Fitbit device to record 3,000 steps on the device, generating fake data and earning financial rewards.

Using Sound Waves to attack Accelerometer

A speaker can make tones that fool a sensor and cause a microprocessor to accept the sensor readings. Credit Joseph Xu/University of Michigan

Attack has widespread repercussions

The attacks were trivial and had no immediate effect on the security of the device’s human operator.

Nevertheless, their research shows a new attack vector that can be truly devastating if used for nefarious purposes. And also against devices in industrial systems, where accelerometers deploy oftenly.

Scientists say the sound waves used in these attacks could be embedded in songs played over a user’s speakers. However, no need of high-end speakers, and regular $5 speakers are enough to replay the malicious sound waves.

Experiments on the 20 models of accelerometers show that

75% are vulnerable to output biasing attacks(i.e., insecure low pass filters enable false fluctuating output measurements under acoustic interference).

65% are vulnerable to output control attacks (i.e., insecure amplifiers enable false constant output measurements under acoustic interference).

The results confirm that system software does not adequately validate the integrity of sensory data — blindly trusting the output of sensors by default.

For further technical details of attack, refer this research paper.

The US CERT team has published a list of possibly affected accelerometer models by this attack. Bosch has already issued an official statement on this issue.

 

Abhilash

It was a hobby I got into a long time ago, hacking cameras. And I am here making posts @TheHackr today!

Chat With Our Bot ☎️

IntroducingTheHackr Chatbot,now anyone can interact with our messenger bot and get daily crunches about Cyber-Security in just a clicks away!

up