Skip to Content
phone snooping
© Dedmityay | Dreamstime.com
Security & privacy

This malware can eavesdrop on your calls using your phone’s motion sensors

By Albert Khoury, Komando.com
December 29, 2022
Printer friendly 🖨

When you install an app, do you read the fine print? You know, all those terms and conditions you may have blindly agreed to when you clicked “Agree.”

Guess what? You may have given those apps permission to listen to you using your microphone. Want to find out which apps are spying on you? Tap or click here and Kim will show you how to find them and put a stop to it.

Threat actors take every chance they can to get more information on you and don’t need your permission. They can use a vulnerability in your phone that seems obvious until you realize how it’s done.

Here’s the backstory

Move close enough to someone speaking on the phone and you can catch their conversation. You’ll hear what they’re saying and, depending on their volume settings, the person on the other end.

Seems simple enough, right? But threat actors don’t need to be near a phone to eavesdrop on a conversation. They can use malware to record the data captured by motion sensors as your earpiece vibrates during a conversation.

This information can reveal your gender, identity and even your conversation.

Fortunately, this malware is part of an experiment called EarSpy being conducted by researchers at Texas A&M University, New Jersey Institute of Technology, Temple University, University of Dayton and Rutgers University.

They conducted tests on the OnePlus 7T and the OnePlus 9 (both running Android), and here were the results:

OnePlus 7T

  • Gender identification accuracy ranged between 77.7% and 98.7%.
  • Caller ID accuracy ranged between 63% and 91.2%.
  • Speech recognition accuracy ranged between 51.8% and 56.4%.

OnePlus 9

  • Gender identification accuracy ranged between 77.7% and 88.7%.
  • Caller ID accuracy ranged between 55.7% and 88.7%.
  • Speech recognition accuracy ranged between 33.3% and 41.6%.

Getting this data does not require special permissions, so hackers can circumnavigate your phone’s safeguards and restrictions. This type of malware can relay your information back to the attacker.

RELATED: This simple Android location setting saves your privacy

What you can do about it

The simple solution is to lower the volume of your earpiece so that the motion sensors don’t pick up vibrations so much.

While Android 13 introduced restrictions for sensor data collection without permission, it’s not an impenetrable defense.

The researchers behind EarSpy suggest that smartphone manufacturers be more careful when designing larger and more powerful ear speakers. They should also place the motion centers where the phone speaker’s vibration impact will be minimized.

Keep reading

Get a voicemail about tax services? Don’t fall for the ‘Eavesdropping Scam’

These anti-snoop screen protectors keep what you’re doing private

Tech smarts in 2 minutes a day

Get my Daily Tech Update and the Digital Life Hack. Just one minute each and arm you with the tech knowledge you need to impress your boss and friends with how smart you are.

LISTEN NOW