You might want to reconsider next time you’re about to plug your headphones with a microphone into your iPhone or Android smartphone. Hackers have found a way to exploit the ubiquitous headphones and issue their own commands to Siri and Google Now.
The problem is that electromagnetic waves can tell either voice command service to eavesdrop on you, make your phone make calls to a paid number, navigate to infected websites or send spam. Researchers in France have shown that they can hijack your phone via those headphones with microphones, using the headphone wires as an antenna to pick up their malicious signals.
The wire-as-antenna receives electromagnetic signals sent from a laptop with an antenna and radio and converts those signals into electrical signals that your phone thinks are coming from the microphone. Just as you can tell Siri or Google Now to make a call or navigate to a website through your headphone mic, the hackers can control your phone.
There are ways to protect yourself other than ditching the headphones. On Android phones, this could only work if you enable Google Now from the lock screen, so don’t do that. On iPhones, the default is that Siri is enabled from the lock screen. To disable this, go to Settings, tap Touch ID & Passcode, and scroll to the Allow Access When Locked section to turn Siri off.
We’re always working to make sure your digital privacy is secure here at Komando.com. For more information on protecting your cybersecurity, visit our Komando.com Security Center, and check back often to our Happening Now page for the latest news on hacks, digital security and everything tech.