Ultrasounds can be used to de-anonymize Tor users in a new, rather astonishing exploit revealed by a team of six security researchers, who presented their findings at the Black Hat Europe security conference in November 2016 and at the 33rd Chaos Communication Congress, held just last week.

Ultrasound attacks against Tor users rely on ultrasound cross-device tracking (uXDT), a relatively new technology that has been deployed on major ad platforms since 2014 but whose security implications were not widely known until now. It works like this: advertisers hide ultrasounds in their ads. When the ad plays on TV or radio, or the advertising code is executed on a computer or Android device, it emits ultrasounds, which are then picked up by the microphones of nearby tablets, PCs, laptops or smartphones.
What this means for YOU …
If you are using Tor and have your smartphone nearby, and a certain kind of app is installed on the phone, the mobile device can ping back to the attacker with details about the device, allowing the attacker to compile a profile that links the user’s computer to his smartphone. The important thing to note is that the user must have an app installed on the phone that embeds one of the many SDKs which support uXDT.
The ultimate take-away here is that if you are seriously concerned about this attack, you should remove the battery from your phone while using Tor on your laptop!
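One way to check a recording for the kind of inaudible signal described above, as an added example that is not from the researchers or the original article: it scans captured audio for a persistent carrier in the 18 to 20 kHz band. The band, the 48 kHz sample rate, the thresholds and the synthetic test tones are all assumptions, since the article gives no signal parameters.

```python
import math

RATE = 48_000               # assumed capture rate in Hz (Nyquist limit 24 kHz)
FRAME = 192                 # 192 samples at 48 kHz gives 250 Hz per DFT bin
BAND_HZ = (18_000, 20_000)  # assumed beacon band; the article names no frequencies
WINDOW = [0.5 - 0.5 * math.cos(2 * math.pi * i / FRAME) for i in range(FRAME)]  # Hann

def bin_amplitude(frame, k):
    """Amplitude of DFT bin k for one Hann-windowed frame (Goertzel recurrence)."""
    coeff = 2.0 * math.cos(2.0 * math.pi * k / FRAME)
    s1 = s2 = 0.0
    for x, w in zip(frame, WINDOW):
        s1, s2 = x * w + coeff * s1 - s2, s1
    power = max(s1 * s1 + s2 * s2 - coeff * s1 * s2, 0.0)
    return 2.0 * math.sqrt(power) / sum(WINDOW)

def detect_beacon(samples, min_amp=0.005, min_fraction=0.5):
    """Return (freq_hz, fraction_of_frames) for the most persistent carrier in
    BAND_HZ, or None if the band stays quiet. Thresholds are illustrative."""
    lo, hi = (f * FRAME // RATE for f in BAND_HZ)
    frames = [samples[i:i + FRAME] for i in range(0, len(samples) - FRAME + 1, FRAME)]
    counts = {}
    for frame in frames:
        amps = {k: bin_amplitude(frame, k) for k in range(lo, hi + 1)}
        k = max(amps, key=amps.get)
        if amps[k] >= min_amp:
            counts[k] = counts.get(k, 0) + 1
    if not counts:
        return None
    k, hits = max(counts.items(), key=lambda kv: kv[1])
    fraction = hits / len(frames)
    return (k * RATE // FRAME, fraction) if fraction >= min_fraction else None

def tone(freq, amp, n):
    return [amp * math.sin(2 * math.pi * freq * i / RATE) for i in range(n)]

# Constructed input: 0.2 s of a loud 1 kHz tone standing in for audible ad audio,
# once on its own and once with a quiet 18.5 kHz carrier mixed in.
N = RATE // 5
clean = tone(1_000, 0.5, N)
tagged = [a + b for a, b in zip(clean, tone(18_500, 0.02, N))]

if __name__ == "__main__":
    print("clean :", detect_beacon(clean))
    print("tagged:", detect_beacon(tagged))
```

The reported frequency is the centre of a 250 Hz bin, so a real carrier is located only to within that resolution.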