The Hacker News Logo
Subscribe to Newsletter

Hackers Can Use Radio-waves to Control Your Smartphone From 16 Feet Away

android-iphone-hacking
What if your phone starts making calls, sending text messages and browsing Internet itself without even asking you?

No imaginations, because hackers can make this possible using your phone's personal assistant Siri or Google Now.

Security researchers have discovered a new hack that could allow hackers to make calls, send texts, browser a malware site, and do many more activities using your iOS or Android devices' personal assistant Siri or Google Now — without even speaking a single word.

A Group of researchers from French government agency ANSSI have discovered that a hacker can control Apple's Siri and Android's Google Now by remotely and silently transmitting radio commands from as far as 16 feet away...

...only if it also has a pair of headphones plugged into its jack.

How does the Hack Work?

It is very interesting and a mind-blowing technique.

The Hack utilizes:
  • An iPhone or Android handset with headphones plugged in
  • A radio transmitter

The radio transmitter sends radio waves to silently trigger voice commands on any iPhone or Android phone (with a pair of microphone-enabled headphones plugged in) that has Siri or Google Now enabled respectively.

Where the headphones’ cables act as radio antennas, which can be exploited to trick an iPhone or Android phone user into believing that the voice commands are coming from the user’s microphone.

This could leverage a hacker to do whole lots of things on victim's mobile phone without even speaking a word, including:
  • Make calls
  • Send text messages
  • Dial the hacker's number to turn victim's phone into an eavesdropping device
  • Browse to malware websites
  • Send phishing and spam messages using Facebook, Twitter or email


"You could imagine a bar or an airport where there are lots of people," Vincent Strubel, the director of the research group at ANSSI told Wired. "Sending out some electromagnetic waves could cause many smartphones to call a paid number and generate cash."

Dependencies:


The hack only requires:
  • A headphone-connected iPhone or Android phone
  • Siri enabled from the lockscreen — which is Apple's Default setting.

In its smallest form, this hack could be performed from a range of around six and a half feet.

A more powerful hack that ranges to more than 16 feet requires larger batteries and could only fit inside a car, the researchers say.

Video Demonstration

You can also watch the video demonstration that shows the attack in action:

In the demo, the researchers sent a command to Google Now via radio on an Android smartphone and forced the device’s browser to visit their ANSSI official website.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.