“DiskFiltration’ malware steals data from offline computers sound

Aug

13

2016

Researchers at Israel’s Ben-Gurion University have developed a malware variant that data from a computer can be that air gapped stolen. This is done on the basis of sound produced from the hard disk by the actuator.

The researchers write that this sound can be collected by, for example a smartphone or a laptop. For that requires that the listening device is within two meters from the computer of the target and that the PC is equipped with a mechanical hard drive. An SSD is therefore not vulnerable. The Disk Filtration-malware must also be present on the computer of the target, which can be infected, for example, by means of a USB drive.

Therefore is also an air gapped computer, a connection to the outside world, vulnerable to this attack, say the scientists. The listening device may be in possession of the attacker or be infected by malware, which then sends the data connection via the collected signals. Steal data access by the malware to the infected system by searching for sensitive data like passwords and encryption keys.

Subsequently, the malicious software makes use of the actuator, which is the arm with write and read heads, to generate acoustic signals which can be received by the listening device. Thus, it is possible, for example in order to bring about a 4096bit key-in 20 minutes at a rate of 180bits / m, writes Ars Technica. While this attack is effective, it remains difficult to carry out by the requirement that the computer of the target has to be infected.

The researchers will publish this project often this kind of side channel attacks, for example AirHopper and Fansmitter. The focus is the GPU of the computer or as a FM transmitter and the fan is used to send data through sound.

Viewing:-136

In: Technology & Gadgets Asked By: [15780 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »