Threat actors can leverage a computer's peripheral devices (e.g., microphones and webcams) or applications (e.g., voice and video call services) to capture audio recordings for the purpose of listening into sensitive conversations to gather information.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.