A keyboard vibration attack is a proof-of-concept (POC) exploit that involves placing a mobile device near to a computer keyboard in order to use the mobile device’s accelerometer as a keylogger.
The accelerometer detects vibrations from the keyboard and an associated application translates them into the characters being typed. Although there have been no reports of keyboard vibration attacks in the wild, Georgia Tech researchers found a method to exploit the accelerometer in an iPhone to record keystrokes.
The researchers reported a captured character accuracy of 80 percent and claim that as accelerometers progress, the accuracy increases. They discovered this capacity by observing that the exploit functioned with higher accuracy on the newer generations of iPhones.
Although the research was conducted on Apple phones, the Georgia Tech researchers note that similar exploits could target other mobile devices and operating systems. The research follows similar investigations and discoveries involving the possibility of exploiting cameras, microphones and even status LED micro-pulses to reveal sensitive information such as passwords or financial details.