A team of researchers claim they've developed malware that can extract
data from an isolated computer with no internet connection, camera or
audio hardware—all by using sounds generated by the machine's processor
and cooling fans.
In a new paper,
researchers at Israel's Ben Gurion University describe an attack meant
to be used against isolated or “air-gapped” machines that wouldn't
normally be accessible. While others have demonstrated ways of doing
this using ultrasonic waves coming from a machine's speakers, the method
the Israeli researchers describe works by controlling and listening to
the speed of the machine's fans and CPU, and doesn't require it to have
any speakers, cameras or other hardware.
“Using our method we successfully transmitted data from [an] air-gapped computer without audio hardware, to a smartphone receiver in the same room,” the researchers says.
It's not the first time that audio signals have been used to extract data from air-gapped machines. Previous malware demonstrations
have shown that PCs' internal and external speakers could use similar
techniques to broadcast data signals via audio to capture devices.
We show that our method can also be used to leak data from
different types of IT equipment, embedded systems, and IoT devices that
have no audio hardware, but contain fans of various types and sizes.”
The malware, which infects machines via a sneaky double-agent wielding a USB stick, works a bit like morse code. Once installed, it locates data on the machine and transmits it by controlling the speed of the machine's CPU and cooling fans, creating acoustic waveforms that are then received and deciphered by a nearby listening device.
This capability led some to think that, to make computers truly secure, they need to be audio-gapped (with all audio speakers disabled) in addition to being air-gapped (cut off from any non-secure networks) – but the new approach shows that even audio-gapping may not be enough in some circumstances to entirely lock down a PC.
The researchers say they were able to exfiltrate data at up to 900 bits/hour, with a listening device placed within 8 meters of the machine. While that's hardly ideal for downloading a new Taylor Swift album, it's just fine for stealing passwords and encryption keys.
Source: MOTHERBOARD
0 comments:
Post a Comment