Skip to main content

Hackers could reconstruct your typing by listening to your keystrokes over Skype

man typing computer
Image used with permission by copyright holder
Chances are that if you have been on a teleconference call at some point, you will have had the distracting experience of hearing another member of the party typing loudly without muting their microphone.

Such a scenario can be annoying, but did you know it could also make the typist vulnerable to electronic eavesdropping? That is the worrying conclusion reached by researchers at the University of California, Irvine and in Italy.

Recommended Videos

“Around 16 months ago, I was on a Skype conference call with some colleagues,” Gene Tsudik, Chancellor’s Professor of computer science at UCI, told Digital Trends. “In the background, you could hear someone typing away. Eventually it got to the point where I said, ‘Whoever is doing that needs to stop it, because it’s causing all kinds of interference.’”

Please enable Javascript to view this content

As Tsudik spoke, however, he immediately had another thought: ‘I wonder if I could work out what that person is writing?’

“There’s been prior research showing that if you place a microphone directly next to someone’s keyboard to record the sound of the keystrokes, you can distinguish the different keystrokes, and reconstruct what someone is typing,” he continued. “Since I was hearing the typing sounds loud and clear over Skype, I thought it may be possible to do the same thing in that setting.”

Using some smart machine learning tools, the resulting study discovered that if attackers have some advance knowledge — such as information about the keyboard a person is using — they can establish which key is being pressed at any time with an accuracy of 91.7 percent.

Even if they have no information about a person’s typing style or keyboard, there is still a 41.89 percent chance of identifying which keys are being pressed — partially due to to the fact that English has a well-known frequency distribution of letters.

The fact that services like Skype are encrypted, and therefore it is virtually impossible for unwanted outsiders to gain access to a call, means potential attacks like this are unlikely to be widespread. But as Tsudik pointed out, there are scenarios in which it could.

“Sometimes you’re talking to a party you don’t necessarily trust completely,” he said. “That might be politicians or commercial rivals having a teleconference, for example. In that scenario, there’s not always mutual trust. Whenever that’s the case, the other party could potentially be an adversary, and use technology like this to determine what other people on the call are typing.”

Whether it is passwords or confidential notes, the message is loud and clear: if you’re not 100 percent certain about the trustworthiness of the person you are communicating with, do not Skype and type!

Luke Dormehl
Former Digital Trends Contributor
I'm a UK-based tech writer covering Cool Tech at Digital Trends. I've also written for Fast Company, Wired, the Guardian…
Hacking-as-a-service lets hackers steal your data for just $10
A depiction of a hacker breaking into a system via the use of code.

A new (and cheap) service that offers hackers a straightforward method to set up a base where they manage and perform their cyber crimes has been discovered -- and it’s gaining traction.

As reported by Bleeping Computer, security researchers unearthed a program called Dark Utilities, effectively providing a command and control (C2) center.

Read more
Optical illusions could help us build the next generation of AI
Artificial intelligence digital eye closeup.

You look at an image of a black circle on a grid of circular dots. It resembles a hole burned into a piece of white mesh material, although it’s actually a flat, stationary image on a screen or piece of paper. But your brain doesn’t comprehend it like that. Like some low-level hallucinatory experience, your mind trips out; perceiving the static image as the mouth of a black tunnel that’s moving towards you.

Responding to the verisimilitude of the effect, the body starts to unconsciously react: the eye’s pupils dilate to let more light in, just as they would adjust if you were about to be plunged into darkness to ensure the best possible vision.

Read more
FBI: Deepfakes are being made using your data to apply for jobs
Facebook Deepfake Challenge

Forget scamming grandma with fake IRS calls. According to the FBI, hackers are now stealing personal information and using deepfakes to apply for remote jobs.

As spotted by Bleeping Computer, the warning was posted as a public service announcement on the Internet Crime Complaint Center, where the FBI explained how cybercriminals are stealing Americans' personal identifiable information (PII) and applying for remote jobs, and then using deepfake videos to pass online job interviews.

Read more