Hackers Can Steal Zoom Passwords via Keystroke Listening Using AI, Study Says

An AI tool could decipher text — including passwords — from keystroke sounds recorded over Zoom and be right over nine times out of ten, a group of researchers said in a paper published on August 3.

AI can steal passwords from keystroke sounds recorded over Zoom with up to 93% accuracy, per a new study.

The accuracy rate ratcheted up to 95% when keystrokes were recorded using an iPhone 13 mini.

“Passwords containing full words may be at greater risk of attack,” per the study.

News From the Sphinx to the Terracotta Army, photos show 10 historical sites when they were discovered and after they were excavated

A Muslim social media personality says he was forced to strip naked by airport security and was then berated by airport staff for delaying a flight
U.S. dollar notes are seen in this picture illustrationReuters

News An $11 trillion wealth wipeout has set the world back for the first time since 2008, thanks to a trifecta of high inflation, interest rates, and currency declines

An AI model developed by the researchers showed a 93% accuracy rate in deciphering keystrokes from a recording of a Macbook’s keystrokes made over video conferencing software Zoom, according to a group of researchers affiliated with Durham University, the University of Surrey, and the Royal Holloway University of London.

Moreover, the accuracy rate rose to 95% when keystrokes were recorded using an iPhone 13 mini.

“Acoustic side-channel attacks” are a growing threat to keyboards, the researchers said. Side-channel attacks are used by hackers to exploit information — like how much power your computer is using or the keystroke sounds it makes — rather than directly attacking the system’s code.

For their experiment, the team used a 2021 16-inch MacBook Pro, highlighting its consistent keyboard design with other recent MacBook models.

Their AI tool was based on “deep learning” — a subset of machine learning that trains computers to analyze data similarly to how the human brain functions.

The study also highlighted potential countermeasures. “Passwords containing full words may be at greater risk of attack,” per the study’s authors. Touch typing and adding background noise also seemed to lower the accuracy rate of the AI tool.

The authors said that while these types of attacks are under-studied, they have a long history. “Acoustic emanations” were even mentioned as a vulnerability in a 1982 partially declassified NSA document, the authors wrote.

The study adds to recent concerns over how AI tools could be used to compromise security and privacy.

AI tools can make online scams harder to detect because AI makes it easier to personalize scams for each target, Insider reported last Tuesday.

Two specialists raised the alarm in 2019 over how the advancement of AI and 5G technology would heighten vulnerabilities in internet-connected devices, amplifying cybersecurity threats.

Maryam Mehrnezhad, one of the study’s authors and an associate professor at the Royal Holloway University of London, told Insider she doesn’t think the pressure to safeguard oneself should be on the end user. Instead, she said the cybersecurity community needs to come up with better solutions to enable citizens to use modern technologies without fear.


Leave a Reply

Your email address will not be published. Required fields are marked *