Solved

Interesting Air gap protected infection mechanism IF IF true and not a hoax.

  • 31 October 2013
  • 6 replies
  • 1949 views

http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/
icon

Best answer by Rakanisheu Retired 6 November 2013, 18:28

View original

6 replies

Userlevel 7
Badge +56
That is interesting Thanks for posting!
 
Daniel
Userlevel 7
I do not know what to make of this. I have seen posts saying it is a hoax, and posts claiming it is very real.

It makes for interesting reading though, no matter what.
Userlevel 7
I personally think its a hoax but I am waiting to see. I have a few questions
 
1) BIOS are pretty unique, those of us who has flashed BIOS`s know it can be tricky. Get it wrong and the system is toast
2) If they say it spreads via High Freq sound waves the receiving PC will have to have some sort of DSP or a hardware decoding chip to recieve the sound (since the PC is powered off the CPU wont be utilised I am guessing??)
3) if thats not the case the recieving PC will already had to be infected to recieve the infection otherwise how is it listening??
4) the article mentions a USB stick??
 
I have done a thesis on transmitting data by hiding it in high frequency noise and you need specific hardware or decoding on the receving end. If it is true I will be very interested in the full story
Userlevel 7
Badge +6
Hi @ 
The initial media reports were misleading. The infection is spread through some sort of USB 0day. It then uses sound to establish a data session between the computers to exfiltrate data from airgapped system.
Userlevel 7
As I assumed it was something to do with the USB stick, then its nothing new really. 
"nothing new"
 
Well except for this part...again if it's real:
It then uses sound to establish a data session between the computers to exfiltrate data from airgapped system.

Reply