Creepy AI steals your password by listening to your MacBook keystrokes — what to do
This AI stuff is getting out of hand
We're not sure what possessed several Britain-based researchers to develop an data-stealing AI, but they thought it was a good idea to train a deep-learning model to snatch sensitive info just by "listening" for victims' keystrokes.
Great, just what we needed. More hacking methods for internet scammers.
It's not like malicious actors don't have enough cybercriminal tools under their belt. Why not add one more that now transforms something as innocuous as keyboard acoustics into a tool for malicious hacktivism? (h/t BleepingComputer)
How AI model steals data via keyboard acoustics
In a creepy new report, investigators delved into how they trained a deep-learning model to spy on victims' credentials by assigning each key with an actuation sound.
Researchers used a 16-inch MacBook Pro (2021) outfitted with an M1 Pro processor to run their experiment. The report highlighted that there are very few changes, if any, between MacBook Pro keyboards in recent years, adding that its data-stealing AI could potentially work with several predecessors "and potentially those in the future," too.
Next, the investigators placed a microfiber-wrapped iPhone 13 next to the MacBook Pro (the microfiber prevents the handset from picking up any vibrations from the desk). The researchers then collected training data by recording the different sounds produced by each key on the MacBook Pro.
As it turns out, just by listening to the keystrokes, the AI model could identify the right letters and symbols at a high accuracy rate of 95%. The investigators also tested how well the deep-learning model could pick up on keystrokes via Zoom. In other words, if a malicious actor crashed a Zoom call, could they potentially snatch your private data by "listening" to your keyboard's acoustics? The answer is yes, but at a slightly lower accuracy rate of 93%.
Stay in the know with Laptop Mag
Get our in-depth reviews, helpful tips, great deals, and the biggest news stories delivered to your inbox.
What can you do to circumvent this creepy AI tool?
Don't think that getting a quieter keyboard will protect you. According to the report, the keys' volume had no bearing on whether the deep-learning model correctly identified the keystrokes. Instead, it listens for waveforms and spectrograms to pinpoint which key is being pressed.
As BleepingComputer pointed out, switching to membrane-based keyboards or adding sound dampeners won't thwart the AI model much. The best thing you can do is use password managers and biometric authentication (e.g., fingerprint scanning).
Unfortunately, it's only a matter of time before this study falls into the wrong hands and malicious actors start rubbing their hands over all the cybercriminal chaos they're poised to cause.
It's worth noting that although this deep-learning model was only tested on a MacBook Pro, Apple laptops aren't the only machines susceptible to this data-stealing AI. Most laptop keyboards are vulnerable to this attack.
Kimberly Gedeon, holding a Master's degree in International Journalism, launched her career as a journalist for MadameNoire's business beat in 2013. She loved translating stuffy stories about the economy, personal finance and investing into digestible, easy-to-understand, entertaining stories for young women of color. During her time on the business beat, she discovered her passion for tech as she dove into articles about tech entrepreneurship, the Consumer Electronics Show (CES) and the latest tablets. After eight years of freelancing, dabbling in a myriad of beats, she's finally found a home at Laptop Mag that accepts her as the crypto-addicted, virtual reality-loving, investing-focused, tech-fascinated nerd she is. Woot!