Sharing their results with WIRED, the researchers demonstrated how eye movements can be analyzed to reconstruct the information gathered. By observing the eye movements of the virtual avatar as it typed, they were able to determine which keys were pressed with impressive accuracy. In tests, the GAZEploit attack achieved 77% accuracy in guessing passwords and 92% accuracy in decrypting messages without requiring direct access to the user’s Vision Pro.
The attack relies on two main components: determining typing behavior from the avatar’s gaze pattern, and calculating the layout and size of the virtual keyboard using geometric analysis. The team used a recurrent neural network trained on 30 avatars to detect typing patterns that differed from other activities, such as web browsing or scrolling through a video.
Apple was alerted to the vulnerability in April and a patch was released to fix the problem in late July.
Source: Ferra
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
