Attackers could use heat traces left on keyboard to steal passwords
A team of academics from the University of California, Irvine (UCI), have presented a type of attack that could enable a malefactor to retrieve sensitive information you entered via your keyboard – possibly up to a minute after you typed it. The researchers had 30 users enter 10 different passwords, both strong and weak, on four common external keyboards. Using a thermal imaging camera, the researchers then scanned the residual heat left on the recently-pressed keys.
In the second stage, they enlisted the help of eight non-experts in the field who, acting as “adversaries”, were asked to derive the set of pressed keys from the thermal imaging data – which they reliably did. Long story short, the subjects successfully retrieved entire sets of key-presses that were captured by the camera as late as 30 seconds after the first key was entered. In addition, recovery of a partial set of key-presses was possible one minute after the first key was pressed, according to the researchers, who described their findings in a paper called “Thermanator: Thermal Residue-Based Post Factum Attacks On Keyboard Password Entry”.
The pieces of the puzzle thus obtained could be easily leveraged for password-cracking attacks. Password “passw0rd” thermal residue on the keyboard after 0, 15, 30, and 45 seconds after entry (University of California, Irvine)