A group of researchers from the French government's Network and Information Security Agency (ANSSI) have found a way to silently and wirelessly inject voice commands into unlocked iPhones and Android gadgets.
The technique, detailed in a paper published by the IEEE, requires the devices to have a wired headphones plugged in – specifically headphones with a builtin microphone – and works by turning this cable into an antenna.
Once in range, commands can be transmitted to the phone over the air by radio wave, which are picked up by the cable and turned into electrical signals. These are interpreted by the smartphone as a voice command from the microphone, and used to send texts or emails via voice control, or open a browser and visit a website stuffed with malware.
Thus, commands can be broadcast silently to Siri or Google Now running on the smartmobe from a few feet away.
"We exploit the principle of front-door coupling on smartphones' headphone cables with specific electromagnetic waveforms," the researchers wrote in their paper, which was published earlier this year but spotted this week.
The equipment needed for the hack isn't too expensive. The researchers managed to stuff a backpack with a software-defined radio, an amplifier and antenna, and some other bits and bobs that would transmit to a victim's phone within six or seven feet. A larger system could do the job from 16 feet, but you'd need a bit more equipment.
The gear limits the technique's effectiveness somewhat, but in a crowded location the opportunities for money-making are clear. Broadcast a message in a crowded airport lounge or train station, for example, and a lot of people could find themselves popping open webpages to unpleasant stuff.
There are some workarounds that protect against this. Disabling voice activation when the phone is on lock-screen mode is one idea, and keeping an eye on your phone when having the headphones are in is another.
Or you could simply not worry about it: it's not a particularly practical attack, although a rather interesting one.
The authors also recommend shielding headphone cords to make it harder to force a signal through, or using other electronic blocks to make the attack impossible. But in the meantime, if your headphones have a microphone, check your phone if you're rocking out with the bins on. ®