Definition

keyboard vibration attack

Contributor(s): Matthew Haughn

A keyboard vibration attack is a proof-of-concept (POC) exploit that involves placing a mobile device near to a computer keyboard in order to use the mobile device’s accelerometer as a keylogger.

The accelerometer detects vibrations from the keyboard and an associated application translates them into the characters being typed. Although there have been no reports of keyboard vibration attacks in the wild, Georgia Tech researchers found a method to exploit the accelerometer in an iPhone to record keystrokes.

The researchers reported a captured character accuracy of 80 percent and claim that as accelerometers progress, the accuracy increases. They discovered this capacity by observing that the exploit functioned with higher accuracy on the newer generations of iPhones.

Although the research was conducted on Apple phones, the Georgia Tech researchers note that similar exploits could target other mobile devices and operating systems. The research follows similar investigations and discoveries involving the possibility of exploiting cameras, microphones and even status LED micro-pulses to reveal sensitive information such as passwords or financial details.

This was last updated in May 2015

Continue Reading About keyboard vibration attack

Spy agencies’ hacking of mobile encryption keys is no surprise, says security expert

Bad vibrations: How smart phones could steal PC passwords

Does accelerometer research portend keyboard-vibration attacks?

SearchCompliance

compliance as a service (CaaS)

Compliance as a Service (CaaS) is a cloud service service level agreement (SLA) that specified how a managed service provider (...

data protection impact assessment (DPIA)

A data protection impact assessment (DPIA) is a process designed to help organizations determine how data processing systems, ...

California Consumer Privacy Act (CCPA)

The California Consumer Privacy Act (CCPA) is legislation in the state of California that supports an individual's right to ...

SearchSecurity

computer worm

A computer worm is a type of malicious software program whose primary function is to infect other computers while remaining ...

Single Sign-On (SSO)

Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials (e.g., ...

Certified Information Systems Auditor (CISA)

Certified Information Systems Auditor (CISA) is a certification issued by ISACA to people in charge of ensuring that an ...

SearchHealthIT

medical practice management (MPM) software

Medical practice management (MPM) software is a collection of computerized services used by healthcare professionals and ...

Regional Health Information Organization (RHIO)

A Regional Health Information Organization (RHIO) is a group of organizations within a specific area that share ...

remote patient monitoring (RPM)

Remote patient monitoring (RPM) is a subcategory of homecare telehealth that allows patients to use mobile medical devices or ...

SearchDisasterRecovery

business continuity plan (BCP)

A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

disaster recovery team

A disaster recovery team is a group of individuals focused on planning, implementing, maintaining, auditing and testing an ...

cloud insurance

Cloud insurance is any type of financial or data protection obtained by a cloud service provider.

SearchStorage

PCIe SSD (PCIe solid-state drive)

A PCIe SSD (PCIe solid-state drive) is a high-speed expansion card that attaches a computer to its peripherals.

VRAM (video RAM)

VRAM (video RAM) is a reference to any type of random access memory (RAM) used to store image data for a computer display.

Kilo, mega, giga, tera, peta, exa, zetta and all that

Kilo, mega, giga, tera, peta, exa, zetta are among the list of prefixes used to denote the quantity of something, such as a byte ...

Join the conversation

1 comment

Send me notifications when other members comment.

Oldest

[-]

ToddN2000 - 1 Jun 2015 11:41 AM

I saw an article on this a while back. If you left your phone on and on your desk near your PC keyboard, they claim it can pick up the tactile keystrokes on the PC keyboard and record them like any other key logger. I'd have to see it to believe it.

keyboard vibration attack

Continue Reading About keyboard vibration attack

Join the conversation

1 comment

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

SearchCompliance

compliance as a service (CaaS)

data protection impact assessment (DPIA)

California Consumer Privacy Act (CCPA)

SearchSecurity

computer worm

Single Sign-On (SSO)

Certified Information Systems Auditor (CISA)

SearchHealthIT

medical practice management (MPM) software

Regional Health Information Organization (RHIO)

remote patient monitoring (RPM)

SearchDisasterRecovery

business continuity plan (BCP)

disaster recovery team

cloud insurance

SearchStorage

PCIe SSD (PCIe solid-state drive)

VRAM (video RAM)

Kilo, mega, giga, tera, peta, exa, zetta and all that

Continue Reading About keyboard vibration attack

Related Terms

Join the conversation

1 comment

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.

File Extensions and File Formats