LAS VEGAS — Smartphones, virtual-reality headsets, toy robots, quadcopter drones and self-balancing scooters can be hacked by powerful sonic blasts, a team of Chinese researchers demonstrated at the Black Hat security conference here last week.
The team, led by Alibaba security researcher Aimin Pan, used audible sound and ultrasound emitters to disrupt the microelectromechanical systems (MEMS) chips, including accelerometers and gyroscopes, that today's electronic devices use to sense the physical world.
Using sound waves matching the resonant frequencies of specific MEMS sensors, the researchers made an Oculus Rift's display roll, HTC Vive and Microsoft HoloLens displays dither, Samsung Galaxy S7 and iPhone 7 VR apps also dither, toy robots spin around and fall over, self-balancing scooters scoot away, and a DJI Phantom 3 drone bank wildly as its rotors spun at random rates.
MORE: Best Drones You Can Buy
MEMS sensors are basically microscopic machines soldered into the motherboards of any gadget that needs to sense movement, direction, pressure or sound. Among the simplest is an accelerometer, in which tiny weights on tiny springs move with gravity, touching electric capacitors as they slide back and forth.
A MEMS gyroscope is more complicated, but can be thought of as one accelerometer placed inside another, so that each is at right angles to the other.
However, many physical structures are naturally "tuned" to resonant frequencies. Sound at exactly the right pitch (or multiples of that pitch) will cause the structure to vibrate strongly, much like a guitar string.
Pan and his team determined the resonant frequencies of the accelerometers and gyroscopes in specific devices, tuned sonic emitters to those frequencies and pointed them at the gadgets.
In a video demonstration, an Oculus Rift headset sitting quietly on a table showed a stable display until it was hit by the ultrasound blast. Then its display "rolled" in a vertical loop. Anyone wearing the headset would be disoriented at best, and vomiting at worst.
The HTC Vive and Microsoft HoloLens headsets did a bit better; their screens merely wobbled and shook as the sound waves hit them. The same applied to Samsung Galaxy S7 and Apple iPhone 7 phones running virtual-reality apps.
Results were more disturbing once actual vehicles became involved. Two self-balancing robots, one a Xiaomi Mitu and the other a DIY model built by the researchers, spun around, backed up and fell over as the emitter was pointed at them.
A self-balancing scooter was immune until the researchers cut a small slit in the scooter's plastic casing, allowing ultrasound waves to get in; the scooter then moved back and forth on its own.
Finally, the researchers showed what happened to the DJI Phantom 3, a quadcopter that sells for $400 and up. An ultrasound emitter held near the drone made the propeller motors spin at different rates. This particular quadcopter was on the ground with its rotors removed, but the same phenomenon in flight would make the drone bank wildly and likely crash.
The Alibaba team's equipment was on the low end, costing about $350 to buy and assemble. Its emitter was not very powerful and worked at ranges of a few feet at most.
But someone with a much more powerful emitter, or a sonic weapon like the Long Range Acoustic Devices used by military and police forces around the world, could get much more range. If you see drones suddenly falling out of the sky, you'll know why.
Get the BEST of Tom’s Guide daily right in your inbox: Sign up now!
Upgrade your life with the Tom’s Guide newsletter. Subscribe now for a daily dose of the biggest tech news, lifestyle hacks and hottest deals. Elevate your everyday with our curated analysis and be the first to know about cutting-edge gadgets.
Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.