PDA

View Full Version : Safer Computing: 21/10/2016


Wally
21st October 2016, 04:47 PM
B U L L E T I N (ID: HKRI-AEXD6D)

Perhaps users would be wise never to type out sensitive information like passwords when they're on a Skype call.

Attackers could theoretically leverage Skype to steal a user's passwords by collecting and analyzing the sound of their keystrokes. The method of attack developed by researchers at the Sapienza University of Rome, University of Padua, and UC Irvine isn't like most sound-based keylogging efforts, which generally require that the attacker makes use of other connected devices, maintains close proximity to the target computer, or first infects it with malware.

Instead this attack relies on an actor remotely eavesdropping on the acoustic emanations of a user's keystrokes and analyzing them in order to reconstruct the target's input.

Sounds complicated, but it's easy enough to do during a Voice over Internet Protocol (VoIP) call like Skype.

W E B L I N K S

By David Bisson: http://www.teampicard.com/images/smilies/icon_arrow.gif https://www.grahamcluley.com/whats-nois ... kes-skype/ (https://www.grahamcluley.com/whats-noise-sound-attackers-logging-keystrokes-skype/)