CAPEC-634 Detail

Probe Audio and Video Peripherals

Detailed | Communications | Software | Software | Likelihood: Low | Typical Severity: High

Parents: 545 651

Threats: T60 T65

Description

The adversary exploits the target system's audio and video functionalities through malware or scheduled tasks. The goal is to capture sensitive information about the target for financial, personal, political, or other gains. This is accomplished by collecting communication data between two parties via peripheral devices (e.g. microphones and webcams) or applications with audio and video capabilities (e.g. Skype) on a system.

| External ID | Source | Link | Description |
|---|---|---|---|
| CAPEC-634 | capec | https://capec.mitre.org/data/definitions/634.html | |
| CWE-267 | cwe | http://cwe.mitre.org/data/definitions/267.html | |
| T1123 | ATTACK | https://attack.mitre.org/wiki/Technique/T1123 | Audio Capture |
| T1125 | ATTACK | https://attack.mitre.org/wiki/Technique/T1125 | Video Capture |
| REF-653 | reference_from_CAPEC | https://www.thesecuritybuddy.com/bluetooth-security/what-is-car-whisperer/ | Amrita Mitra, What is Car Whisperer?, 2017-03-08, The Security Buddy |
| REF-654 | reference_from_CAPEC | https://www.finjanmobile.com/what-is-bluesnarfing/ | What is Bluesnarfing?, 2017-03-13, Finjan Mobile |

  1. Knowledge of the target device's or application’s vulnerabilities that can be capitalized on with malicious code. The adversary must be able to place the malicious code on the target device.

High: To deploy a hidden process or malware on the system to automatically collect audio and video data.

Confidentiality: Read Data

  1. An adversary can capture audio and video, and transmit the recordings to a C2 server or a similar capability.
  2. An adversary can capture and record from audio peripherals in a vehicle via a Car Whisperer attack. If an adversary is within close proximity to a vehicle with Bluetooth capabilities, they may attempt to connect to the hands-free system when it is in pairing mode. With successful authentication, if an authentication system is present at all, an adversary may be able to play music/voice recordings, as well as begin a recording and capture conversations happening inside the vehicle. Successful authentication relies on the pairing security key being set to a default value, or on brute force (which may be less practical in an outside environment). Depending on the sensitivity of the information being discussed, this scenario can be extremely compromising.
  3. An adversary may also use a technique called Bluebugging, which is similar to Bluesnarfing but requires the adversary to be within 10-15 meters of the target device. Bluebugging creates a backdoor for an attacker to listen to and record phone calls, forward calls, send SMS messages and retrieve the phonebook.