Speakers are everywhere, whether it's expensive, standalone sound systems, laptops, smart home devices, or cheap portables. And while you rely on them for music or conversation, researchers have long known that commercial speakers are also physically able to emit frequencies outside of audible range for humans. At the Defcon security conference in Las Vegas on Sunday, one researcher is warning that this capability has the potential to be weaponized.

It’s creepy enough that companies have experimented with tracking user browsing by playing inaudible, ultrasonic beacons through their computer and phone speakers when they visit certain websites. But Matt Wixey, cybersecurity research lead at the technology consulting firm PWC UK, says that it’s surprisingly easy to write custom malware that can induce all sorts of embedded speakers to emit inaudible frequencies at high intensity, or blast out audible sounds at high volume. Those aural barrages can potentially harm human hearing, cause tinnitus, or even possibly have psychological effects.

“I’ve always been interested in malware that can make that leap between the digital world and the physical world,” Wixey says. “We wondered if an attacker could develop malware or attacks to emit noise exceeding maximum permissible level guidelines, and therefore potentially cause adverse effects to users or people around.”

The research analyzed the potential acoustic output of a handful of devices, including a laptop, a smartphone, a Bluetooth speaker, a small speaker, a pair of over-ear headphones, a vehicle-mounted public address system, a vibration speaker, and a parametric speaker, which channels sound in a specific direction. Wixey wrote simple code scripts or slightly more complete malware to run on each device. An attacker would still need physical or remote device access to spread and implant the malware.

From there, Wixey placed them one by one in a soundproof container with minimal echo called an anechoic chamber. A sound level meter within the enclosure measured the emissions, while a surface temperature sensor took readings of each device before and after the acoustic attack.

Wixey found that the smart speaker, the headphones, and the parametric speaker were capable of emitting high frequencies that exceeded the average recommended by several academic guidelines. The Bluetooth speaker, the noise-canceling headphones, and the smart speaker again were able to emit low frequencies that exceeded the average recommendations.

Additionally, attacking the smart speaker in particular generated enough heat to start melting its internal components after four or five minutes, permanently damaging the device. Wixey disclosed this finding to the manufacturer and says that the device maker issued a patch. Wixey says that he is not releasing any of the acoustic malware he wrote for the project or naming any of the specific devices he tested. He also did not test the device attacks on humans.

“There are a lot of ethical considerations and we want to minimize the risk,” Wixey says. “But the upshot of it is that the minority of the devices we tested could in theory be attacked and repurposed as acoustic weapons.”

The experiments on the internet-connected smart speaker also highlight the potential for acoustic malware to be distributed and controlled through remote access attacks. And Wixey notes that existing research on detrimental human exposure to acoustic emanations has found potential effects that are both physiological and psychological.

The acoustic academic research community has increasingly been warning about the issue as well. "We are currently in the undesirable situation where a member of the public can purchase a $20 device that can be used to expose another human to sound pressure levels ... in excess of the maximum permissible levels for public exposure," Timothy Leighton, a researcher at the University of Southampton wrote in the October issue of The Journal of the Acoustical Society of America.