HEADSETS that monitor your brainwaves could allow hackers to empty your bank account, scientists fear.

High-tech helmets called electroencephalograms or EEGs are often used to diagnose epilepsy, but are beginning to appear on the toy and video game markets.

4 A recent study found that EEGs could easily be hacked and have prompted serious security concerns in the scientific community Credit: Getty Images

You can buy devices that allow you control robotic toys or play video games using just your mind for just £100.

But a study recently proved that hackers could guess a user's passwords using these headsets to monitor victims' brainwaves.

And now scientists are concerned that EEGs could be used in a similar way.

Nitesh Saxena, associate professor in the UAB College of Arts and Sciences, along with PhD student Ajaya Neupane and Doctor Lutfor Rahman, found that a person who paused a video game and logged into a bank account while wearing an EEG could have their passwords or personal information nabbed by malicious software.

"These emerging devices open immense opportunities for everyday users," Saxena told Phys.org.

"However, they could also raise significant security and privacy threats as companies work to develop even more advanced brain-computer interface technology."

4 One example of a brainwave reader is the EEG from Emotiv.com Credit: EMOTIV

The researchers used two headsets to test their hypothesis - one clinical grade and one which can be bought online.

Both headsets monitored visual processing, hand-eye and head muscle movements to "learn" what numbers a person was thinking about.

They asked 23 people to type a series of randomly generated pins and passwords into a text box as if they were logging into an online account while wearing the EEG.

Their password-nicking software quickly learnt which number corresponded with a specific muscle movement or "brainwave".

4 EEGs are already used in clinical trials and for diagnosing brain ailments, but they are tipped to become a consumer gadget in the near future Credit: Getty Images

Hackers could exploit this, they claim, by getting someone playing a game using a headset to enter a set of numbers shown on screen after pausing for a break.

The hidden program would prompt an annoying CAPTCHA-style box in which users type set of letters to prove "I'm not a robot" so it could figure out someone's signature brainwaves.

The team found that after 200 characters, algorithms could make a decent guess about what the person was thinking.

MOST READ IN TECH AND SCIENCE FRESH APPLE iPhone 12 launch date leaks online with 4 new mobiles to be unveiled next month GADGETS GALORE Amazon reveals Echo Dot Kids Edition with cute designs like Panda and Tiger TECHCELLENT Amazon unveils flying drone camera that chases burglars from your home 'STARTING REACTORS' What is Super Alexa Mode? Strange 'cheat code' for your Amazon Echo 'APPY DAYS NHS Covid-19 app – Does it work on my mobile and can old iPhones download it? FE-ELS GOOD Galaxy S20 FE pre-order deals include FREE Xbox Game Pass bundle

This could shorten the odds of a hacker's guessing a four-digit numerical PIN from one in 10,000 to one in 20 and increased the chance of guessing a six-letter password from about 500,000 to roughly one in 500, the study found.

And while it might seem like a lot of effort, if hackers send out this malicious code in batches and broke into a handful of people's bank accounts, they could still make themselves thousands of pounds in a very short amount of time.

"Given the growing popularity of EEG headsets and the variety of ways in which they could be used, it is inevitable that they will become part of our daily lives, including while using other devices," Saxena said.

"It is important to analyse the potential security and privacy risks associated with this emerging technology to raise users' awareness of the risks and develop viable solutions to malicious attacks."