According to a study, hackers can use AI to steal passwords over Zoom by listening to keystrokes with a 93% accuracy rate.

According to a study, hackers can use AI to steal passwords over Zoom by listening to keystrokes with a 93% accuracy rate.

AI Can Steal Passwords from Keystroke Sounds Recorded over Zoom with Up to 93% Accuracy

Zoom

Imagine a world where your passwords are no longer safe, even during a seemingly harmless video conference. According to a recent study by a group of researchers from Durham University, the University of Surrey, and the Royal Holloway University of London, an AI tool can decipher text, including passwords, from keystroke sounds recorded over Zoom with an astonishing accuracy rate of 93%.

The researchers developed an AI model, based on the principles of deep learning, that successfully decoded keystrokes from a recording of a MacBook’s keystrokes made over the popular video conferencing software Zoom. The AI tool achieved a 93% accuracy rate, demonstrating the significant vulnerability posed by “acoustic side-channel attacks” on keyboards.

Side-channel attacks are tactics used by hackers to exploit information indirectly, rather than directly attacking a system’s code. By analyzing factors such as power consumption or the sounds produced by keystrokes, hackers can gain valuable insights into a system’s operation.

The experiment used a 2021 16-inch MacBook Pro, chosen for its consistent keyboard design with other recent MacBook models. The AI tool utilized deep learning, a subset of machine learning that mimics the human brain’s approach to analyzing data. This powerful combination allowed the researchers to demonstrate the potential risks posed by acoustic side-channel attacks.

Interestingly, the accuracy rate of the AI tool increased to an impressive 95% when keystrokes were recorded using an iPhone 13 mini. This finding suggests that even seemingly innocuous devices like smartphones are not exempt from the threat of acoustic side-channel attacks.

The study also provided some insights into potential countermeasures. For instance, using passwords that contain full words may increase the risk of attack. Additionally, touch typing and introducing background noise seemed to reduce the accuracy of the AI tool. These findings offer some preliminary guidelines for protecting oneself against acoustic side-channel attacks.

It’s worth noting that attacks exploiting acoustic emanations have a long history. As far back as 1982, a partially declassified document from the National Security Agency (NSA) highlighted the vulnerability of acoustic emanations. This research further emphasizes the importance of addressing and understanding the growing risks associated with AI tools and their potential impact on security and privacy.

AI-powered tools have the capability to make online scams more difficult to detect since they can be personalized for each target. The advancement of AI and 5G technology has raised concerns among specialists, who warn that these developments may amplify cybersecurity threats in internet-connected devices.

While acoustic side-channel attacks are still understudied, this research sheds light on a previously unexplored vulnerability. The ability of an AI tool to decipher passwords from keystroke sounds recorded over Zoom serves as a significant wake-up call for individuals and organizations alike. As we continue to embrace technology in our lives, it becomes increasingly critical to develop robust security measures that can protect against these emerging threats.

The study’s authors have not yet provided additional comments on the implications of their research. However, the need for immediate action in response to these findings is evident. Strengthening the security of our digital systems and staying vigilant against potential attacks is paramount to safeguarding our sensitive information and maintaining our privacy in an increasingly interconnected world.