Scientists have found a new way to hack that uses artificial intelligence to guess passwords with 95% accuracy by listening to what people type on their keyboards.
The cyberattack works because AI learns and recognizes the sound profile of different keys on a keyboard, according to study posted in arXiv as a preprint before it has been peer-reviewed.
Using a microphone built into a smartphone to listen for keystrokes on an Apple MacBook Pro, researchers like Joshua Harrison from Durham University in the UK were able to copy the keys with 93-95% accuracy.
Scientists also tried how well the AI system worked during a Zoom call by using the laptop’s microphone to record the keystrokes during a meeting.
READ: How to Manage Saved Passwords in Chrome
In this way, the AI model was found to be 93% accurate at re-creating the keystrokes, and in another test using Skype, it was about 92% accurate.
Researchers say that the number of microphones near keyboards has grown a lot in the last ten years, making it easier for hackers to use this new way.
The model works by recognising the unique way each user presses keys on their computer, including the sound, force, and time of each keystroke.
Researchers used a MacBook Pro to test the idea. They first taught the system to identify patterns by pressing each of 36 keys 25 times.
For their first test, they used an iPhone 13 mini 17 cm away from the keyboard to record the sound of the keys being pressed.
Then, they used the MacBook’s built-in speakers to record the laptop keys over Zoom.
Scientists say, though, that the AI system doesn’t work the same way on every computer.
They say that the AI model needs to be taught separately for each keyboard, so that it has more information about what each keystroke means.
The study says that these kinds of attacks can be stopped if people change the way they type.
Scientists found that the accuracy of letter recognition dropped from 64% to 40% when people touched typed.
As a way to protect against these kinds of hacks, they also suggest using random passwords with different case types.
Scientists say that full-word passwords may be more at risk because big language models like ChatGPT can predict the next characters to make full words.
ManilaShaker is a tech media producing insightful and helpful content for our local and growing international audience. Our goal is to create a premier Philippine digital consumer electronics resource that provides the most objective reviews and comparisons globally.
