Scientist-developed malware covertly jumps air gaps using inaudible sound

  • 3 December 2013
  • 2 replies
  • 1681 views

Userlevel 7
Badge +54
Malware communicates at a distance of 65 feet using built-in mics and speakers.

Computer scientists have developed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.

The proof-of-concept software—or malicious trojans that adopt the same high-frequency communication methods—could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.
 
Full Topic

2 replies

Userlevel 7
Badge +35
The audio frequency range they're using is highly directional, and in their range experiment they mention that "Both nodes are placed in direct line of sight to each other with the displays directed at each other so that output of the internal speakers (built-in alongside the keyboard) is loosely directed at the corresponding node." In other words, their experiment would not have worked if they had simply turned the laptops around so that they do not face each other. 

 
Disabling the microphone and speakers on computers in "highly sensitive environments that routinely place an "air gap" between computers and the outside world" is a pretty simple way to protect against an attack of this type. 
 
-Dan
Userlevel 7
Badge +6
Dang Dan,
I'm sure glad you're not on the dark side.

Reply