Chinese researchers developed a non-contact forensic technique that identifies smartphone apps and operations by analyzing leaked low-frequency electromagnetic signals, achieving up to 99.07% accuracy on devices like iPhone 15 Pro, Xiaomi 15 Pro, and OPPO Reno 13. This attack method poses a serious privacy threat because it can work even when the phone is offline, in airplane mode, encrypted, or locked, without any access to the device's system or stored data. The technique analyzes low-frequency electromagnetic (EM) signals emitted by a running smartphone's components, and the researchers tested it on popular apps including TikTok, WeChat video calls, Baidu Maps, SMS, browser, camera, and cloud storage.
Background
All electronic devices emit electromagnetic radiation during operation, and these unintentional signals can reveal information about the device's activity. This is known as a side-channel attack, where an attacker exploits physical byproducts like EM leakage, power consumption, or sound. Previous side-channel attacks often required physical access or specialized equipment, but this new technique is non-contact and works over distance.