We select and review products independently. When you purchase through our links we may earn a commission. Learn more.

Bizarre “Glowworm Attack” Captures Audio from Devices’ Power LEDs

An electro-optical sensor pointed at a USB hub's power indicator.
An electro-optical sensor (red) pointed at a USB hub’s power indicator (yellow). Cyber@BGU

If you were a spy, what would be your go-to method of eavesdropping on conversations? A microphone is just too easy, so maybe you’ll try something more high-tech, like a Glowworm Attack. Discovered by researchers at Ben-Gurion University, the Glowworm Attack allows spies to capture audio by pointing a special camera at a speaker or USB hub’s power indicator LED.

Optical eavesdropping is a strange technique that’s growing more viable thanks to AI, which can teach itself how to interpret data. But unlike most optical eavesdropping methods, which observe how objects vibrate when they’re impacted by sound waves, the Glowworm Attack translates the imperceptible flickering of a device’s power indicator LED into real sound.

Most power LEDs are wired directly to their device’s main power line. As such, they’re easily influenced by any changes in voltage. Researchers at Ben-Gurion University found that, by recording a desktop speaker’s power LED with an electro-optical sensor, they could measure the imperceptible changes in luminescence and translate these changes into whatever audio the speakers were playing.

With some help from a telescope, Glowworm Attacks work at a distance over 100 feet. You can even perform a Glowworm Attack through glass, or recover audio from devices that aren’t speakers, such as USB hubs.

The average person doesn’t need to worry about Glowworm Attacks. Not just because traditional eavesdropping methods are easier, but because the Glowworm method only recovers audio from speakers and other electronics. That said, big businesses and governments shouldn’t ignore Glowworm Attacks, as they could be used to capture the contents of a top-secret video meeting or phone call.

Source: Cyber Security Labs at Ben Gurion University via Ars Technica

Andrew Heinzman Andrew Heinzman
Andrew is the News Editor for Review Geek, where he covers breaking stories and manages the news team. He joined Life Savvy Media as a freelance writer in 2018 and has experience in a number of topics, including mobile hardware, audio, and IoT. Read Full Bio »