Exam 312-50v13 Topic 1 Question 197 Discussion
Actual exam question for ECCouncil's 312-50v13 exam
Question #: 197
Topic #: 1
Question #: 197
Topic #: 1
At a private aerospace research facility in Mesa, Arizona, an executive raises concerns after sensitive discussion points from speakerphone meetings begin surfacing externally. The device shows no indicators of active audio recording, and application permission history does not reflect recent camera or microphone authorization changes.
A forensic mobile analysis identifies that an installed application has been continuously reading motion sensor output while the phone's loudspeaker is active. The collected sensor data was later transmitted to a remote server, where acoustic characteristics were reconstructed from the recorded measurements.
Identify the attack technique responsible for this compromise.
A forensic mobile analysis identifies that an installed application has been continuously reading motion sensor output while the phone's loudspeaker is active. The collected sensor data was later transmitted to a remote server, where acoustic characteristics were reconstructed from the recorded measurements.
Identify the attack technique responsible for this compromise.
Suggested Answer: D Vote an answer
The correct answer is D. Spearphone Attack.
A Spearphone Attack uses motion sensor data, such as accelerometer readings, to infer or reconstruct speech played through a smartphone's loudspeaker. The attack is notable because it does not require direct microphone access. Instead, it abuses sensor readings produced by speaker vibrations and acoustic coupling inside the device.
The scenario states that no microphone or camera permission change occurred, but an installed application continuously read motion sensor output while the loudspeaker was active. The collected measurements were then used to reconstruct acoustic characteristics. These details precisely match Spearphone.
CEH-aligned mobile security material highlights that mobile devices can be attacked through malware, insecure applications, and application/OS abuse, and that mobile malware is commonly used to steal personal or sensitive data from devices .
Option A. Camfecting is incorrect because camfecting involves unauthorized camera activation or camera spying.
Option B. StormBreaker Abuse is incorrect because StormBreaker is associated with phishing/social- engineering frameworks that may capture device data, but the scenario specifically involves motion-sensor acoustic reconstruction.
Option C. Android Camera Hijack Attack is incorrect because no camera misuse is described.
Option D. Spearphone Attack is correct because the attack reconstructs speech from motion sensor readings while the loudspeaker is active.
Therefore, the best answer is D. Spearphone Attack.
A Spearphone Attack uses motion sensor data, such as accelerometer readings, to infer or reconstruct speech played through a smartphone's loudspeaker. The attack is notable because it does not require direct microphone access. Instead, it abuses sensor readings produced by speaker vibrations and acoustic coupling inside the device.
The scenario states that no microphone or camera permission change occurred, but an installed application continuously read motion sensor output while the loudspeaker was active. The collected measurements were then used to reconstruct acoustic characteristics. These details precisely match Spearphone.
CEH-aligned mobile security material highlights that mobile devices can be attacked through malware, insecure applications, and application/OS abuse, and that mobile malware is commonly used to steal personal or sensitive data from devices .
Option A. Camfecting is incorrect because camfecting involves unauthorized camera activation or camera spying.
Option B. StormBreaker Abuse is incorrect because StormBreaker is associated with phishing/social- engineering frameworks that may capture device data, but the scenario specifically involves motion-sensor acoustic reconstruction.
Option C. Android Camera Hijack Attack is incorrect because no camera misuse is described.
Option D. Spearphone Attack is correct because the attack reconstructs speech from motion sensor readings while the loudspeaker is active.
Therefore, the best answer is D. Spearphone Attack.
by Susie at Jun 27, 2026, 11:12 AM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).