Passwords over Zoom could now be stolen by hackers

According to a team of researchers, an AI programme could correctly guess content, including passwords, over 90% of the time using keystroke sounds captured using Zoom.

Researchers from Durham University, the University of Surrey, and the Royal Holloway University of London claim that an AI model they developed demonstrated a 93% accuracy rate in deciphering keystrokes from a recording of a Macbook’s keystrokes made over video conferencing software Zoom.

Furthermore, when keystrokes were captured using an iPhone 13 mini, the accuracy rate increased to 95%.

According to the researchers, keyboards are more vulnerable to acoustic side-channel attacks. Instead than attacking the system’s code directly, hackers utilize side-channel assaults to exploit information, such as how much power your computer is using or the sounds of keystrokes it makes.

The team’s experiment utilized a 2021 16-inch MacBook Pro, emphasizing its keyboard’s compatibility with other current MacBook models.

Their artificial intelligence (AI) tool was based on “deep learning,” a branch of machine learning that teaches computers to analyze data in a manner akin to that of the human brain.

Potential defenses were also revealed by the study. The authors of the study believe that entire words in passwords may be more vulnerable to assault. Additionally, the AI tool’s accuracy seems to be affected by touch typing and background noise.

Even though these attacks are not well understood, they have a long history, according to the authors. Even in a partially disclosed NSA document from 1982, “acoustic emanations” was listed as a vulnerability, according to the authors.

The study adds to current worries about how AI tools might be misused to violate security and privacy.

Because AI makes it simpler to tailor schemes to each target, AI tools can make internet frauds tougher to detect.

In 2019, two experts warned that the development of 5G and AI would increase the vulnerabilities in internet-connected gadgets, escalating cybersecurity concerns.

Source link