Your keys have been talking a lot, and they’ve finally gotten the attention of hackers. Hackers can now clone your keys with ease.
All they need is a little hint from the sounds made by your keys when you unlock the door, and Voila! Your home is their home.
Are you wondering how this is possible? We’ll tell you.
Earlier this year, researchers at the National University of Singapore published a report that explains how hackers can clone your keys.
What do they need?
A smartphone’s microphone and a program they created.
The program is called SpiKey, and according to what the paper reveals, there’s no stopping SpiKey. At least for now.
How does this mystery program work?
When you insert a key into the keyhole and twist, here’s what happens. The lock pin in the keyhole moves over the ridges on the key.
When that happens, it makes a faintly audible click-sound. Sadly, that sound is as loud as it needs to be for a smartphone microphone to pick up.
After recording this, hackers can playback the sound and use the time between the clicks to determine the distance between the key’s ridges.
Interestingly, SpiKey can use this information to produce several keys that could pick the lock.
According to the researchers, SpiKey uses the click-sound to generate over 300,000 keys. Among the generated keys, some key forms will be repeated.
In the end, the program selects three keys with the highest frequency. One of the three final keys will pick the lock.
This software has made it possible for burglars/hackers to break into any apartment without looking suspicious.
They can now stop using lock-picking tools that easily give them away. And that’s no good news for anyone: except, of course, the burglars.
Can you stop this attack?
If you’re thinking of countering this attack by slowing down the pace at which you turn your keys, think again.
The researchers have considered almost every variable and have addressed it.
To counter the assumption that click sounds for each lock will be constant, here’s what the report says, “This assumption may not always hold in [the] real-world. Hence, we plan to explore the possibility of combining information across multiple insertions.”
The only known solution is to prevent the sounds from being recorded.
However, the sounds can also be recorded through several means and without the attacker being physically present.
“We may exploit other approaches of collecting click sounds such as installing malware on a victim’s smartphone or smartwatch, or from door sensors that contain microphones to obtain a recording with higher signal-to-noise ratio,” explained the study authors.
“We may also exploit long-distance microphones to reduce suspicion. Furthermore, we may increase the scalability of SpiKey by installing one microphone in an office corridor. Thereby collecting recordings from multiple doors.”
Well, we are counting on tech experts all over the world. It’s time for them to put on their thinking caps and come up with a counter program.
If not, we might as well start leaving our doors wide open when we go out. In the meantime, you can make weird monkey noises when trying to open your door.
In case you were wondering how:
Yeah! That should work for now.