Researchers at the University of Alabama at Birmingham (UAB) presented the research that it is possible to trigger malware hidden in mobile devices using music, lighting, or vibration.
In a research paper titled “Sensing-Enabled Channels for Hard-to-Detect Command and Control of Mobile Devices”, the researchers reported that they triggered malware hidden in mobile devices using music from 17 meters away in a crowded hallway.
Since the trigger needs to be relatively close to the smartphone to active any hidden malware, any threats would be limited to the local environment. “We showed that these sensory channels can be used to send short messages that may eventually be used to trigger a mass-signal attack,”
The researchers found that cameras and microphones were the most effective way to trigger malware, but also noted that a heavy bass pattern could trigger the vibration sensor. They were also successful, at various distances, using music videos; lighting from a television, computer monitor and overhead bulbs; vibrations from a sub woofer; and magnetic fields.
As a possible defense, they suggested that anti-malware software should scan sensor data for signs of any hacks. "We need to create defenses before these attacks become widespread, so it is better that we find out these techniques first and stay one step ahead,".