Researchers Turn Gaming Mouse Into Eavesdropping Devices, High-End Sensors Can Act Like Microphones
Researchers at the University of California, Irvine, have uncovered a startling new cybersecurity risk: high-end gaming mice could be secretly used as microphones to spy on users.
In a paper titled Invisible Ears at Your Fingertips: Acoustic Eavesdropping via Mouse Sensors, the team detailed how modern optical mouse sensors, found in popular models from brands like Razer and Darmoshark, are sensitive enough to pick up subtle vibrations caused by sound waves on a desk’s surface. When processed with machine learning, those vibrations can be reconstructed into recognisable speech.
The attack, called Mic-E-Mouse, doesn’t require a microphone or any system-level permissions. Instead, it relies on user-space software, meaning even regular applications such as games or graphic tools could unknowingly collect and transmit mouse data that encodes audio information.
According to the study, the researchers were able to recover speech with up to 61% recognition accuracy and improve the signal-to-noise ratio by 19 decibels after filtering. In controlled tests, their system could even recognise spoken digits and phrases from datasets like AudioMNIST and VCTK.
Here’s how it works: as someone speaks near a computer, sound vibrations travel through the desk and cause microscopic movements detectable by the mouse’s optical sensor. These movement signals, though originally meant to track cursor motion, can be repurposed through a neural network pipeline that filters and reconstructs them into speech audio.
The researchers warn that this vulnerability is particularly concerning for work-from-home setups and secure environments where microphones are disabled. Since optical sensors in high-performance mice can sample up to 8,000 times per second and exceed 20,000 DPI, they’re sensitive enough to act like crude microphones under the right conditions.
The team responsibly disclosed the vulnerability to affected manufacturers, including sensor maker PixArt Imaging Inc., and is pursuing a CVE classification under “Improper Protection of Physical Side Channels.” They recommend using vibration-absorbing mouse pads, restricting the use of ultra-high-DPI mice in sensitive offices, and adding firmware-level noise protections to prevent similar attacks.
The findings highlight a broader truth: as consumer devices become more precise and data-rich, even the most mundane hardware can become a surveillance tool, sometimes without anyone realising it.
For more news like this, stay tuned to us at Adam Lobo TV.
