Home page logo
/

isn logo Information Security News mailing list archives

Scientist-developed malware covertly jumps air gaps using inaudible sound
From: InfoSec News <alerts () infosecnews org>
Date: Tue, 3 Dec 2013 08:51:55 +0000 (UTC)

http://arstechnica.com/security/2013/12/scientist-developed-malware-covertly-jumps-air-gaps-using-inaudible-sound/

By Dan Goodin
Ars Technica
Dec 2 2013

Computer scientists have developed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.

The proof-of-concept software—or malicious trojans that adopt the same high-frequency communication methods—could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.

The researchers, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics, recently disclosed their findings in a paper published in the Journal of Communications. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps. The new research neither confirms nor disproves Dragos Ruiu's claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today's malware.

"In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network," one of the authors, Michael Hanspach, wrote in an e-mail. "Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network."

[...]
--
Dean Bushmiller teaches a great 5-Day CISM in Albany NY Dec. 2 – 6.
Call 327-937-9786 for details.

  By Date           By Thread  

Current thread:
  • Scientist-developed malware covertly jumps air gaps using inaudible sound InfoSec News (Dec 03)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]