Researchers Hack Smartphone And Fitness Tracker Accelerometers Using Sound Waves

Sound Wave Hacking

There are many different methods of hacking. Most of them involve some sort of software code, whether it is installing malware on a system or hacking a vulnerability to gain unauthorized access to a system or device. The Internet of Things (IoT) category is especially susceptible to hacking due to a surprising lack of basic security practices. However, researchers at the University of Michigan discovered a different way of wreaking havoc, and it involves sound waves.

What the group of researchers found is that accelerometers can be manipulated through sound. This is called an analog acoustic injection attack. While that may sound trivial, consider that millions of devices are equipped with accelerometers, including smartphones, medical devices, automobiles, anti-theft devices, fitness bands, IoT devices, and a range of other industrial and consumer products.

According to the researchers, attackers who have the capabilities to deliver high intensity acoustic interference can effectively spoof the sensor to output arbitrary signals of his or her choosing. They have to be in close proximity to the target, but with millions of potentially vulnerable devices out there, this has the potential to be a serious threat.


"With proper knowledge of the algorithms that are utilizing the polluted sensor data, adversaries may be able to control the behavior of a system that relies on the sensor data to make automated decisions," the researchers say.

In a video posted to YouTube, the researchers demonstrated this hack in a few different ways. In one example, they placed a music video laced with special tones on a Samsung Galaxy S5 smartphone. The tones caused the internal accelerometer to output a signal spelling "WALNUT." And in another example, sound waves are used to add recorded steps to a fitness band. In yet another example, the researchers took control of a remote control toy car.

Manipulating toys does not seem all that scary, but it's the more sinister possibilities that are of concern. Imagine taking over a nearby drone or messing with an autonomous vehicle.

Of the 20 different MEMS (microelectromechanical systems) the researchers tested, 17 were vulnerable to acoustic interference at 110 db SPL. That includes a variety of sensors from manufacturers such as Bosch, STMicroelectronics, InvenSense, Analog Devices, and Murata.

Show comments blog comments powered by Disqus