Researchers at the 51在线 have discovered a new kind of cyberattack that could give hackers access to your digital passwords and personal information without using traditional malware.
This new class of cyberattacks, , allows hackers to eavesdrop on someone鈥檚 typing. Traditionally, this type of intrusion requires the installation of malware 鈥 malicious software that infects the victim鈥檚 computer. Using a keylogger program within the malware, hackers are able to monitor and transmit typed information, such as passwords.
The new method, discovered by USF researchers , and , and their research teams, does not require the use of any malicious software or direct access to the victim鈥檚 computer. Instead, researchers say channel state information extracted from a WIFI signal is all attackers need to determine what you鈥檙e typing.
Liu says that hackers can set up a malicious WIFI network to attract potential victims or deploy a specialized monitoring device that can 鈥渓isten in鈥 while you type on a public network. When connected to a WIFI network, keyboard activity leaves a sort of digital footprint in the signal. Through machine-learning algorithms, the researchers in the USF Dept. of Computer Science & Engineering, and Electrical Engineering showed it鈥檚 possible to determine, with a high degree of accuracy, what was originally typed.
While this method of eavesdropping has been demonstrated before, previous techniques required a time-intensive training phase that made it extremely impractical. Now, through USF鈥檚 research, it鈥檚 clear that high-level hackers could in fact utilize the technique.
鈥淔or us as cyber security experts, understanding these attack angles are very important because it gives us the opportunity to defend against these attacks before they become problematic,鈥 Liu said.
Researchers emphasize that this type of cyberattack is not something the general public should be overly concerned about. Instead, this research will act as a starting point for computer scientists developing different methods to defend against these types of attacks.
.