Researchers have found a potentially dangerous and utterly complex flaw in Android and iOS-powered devices, but still interesting, nonetheless.
According to a paper published in Electromagnetic Compatibility (opens in new tab), hackers could gain access to Apple’s virtual assistant Siri by sending radio waves to a pair of unshielded iPhone earbuds.
Researchers at French security organization ANSSI have found a way to send radio waves to these devices. They simulate the button press associated with waking up Siri, and after that they can send personal messages, access apps, and open the wallet.
“In this paper, we exploit the principle of front-door coupling on smartphones headphone cables with specific electromagnetic waveforms. We present a smart use of intentional electromagnetic interference, resulting in finer impacts on an information system than a classical denial of service effect. As an outcome, we introduce a new silent remote voice command injection technique on modern smartphones,” wrote the researchers José Lopes Esteves and Chaouki Kasmi.
As smartphones become an inseparable part of our everyday lives, they also become the primary target for hackers around the world, looking for a way to steal data, use our devices for a botnet and place unwanted ads.
Android was recently hit by something called Stagefright, which is the biggest threat Google’s mobile operating system has ever seen. Stagefright allows an attacker to take over a victim’s mobile device by simply sending them an mp3 or an mp4 file. The problem is in the way the device handles media, which allows a hacker to completely take over a device.