It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Scientists have developed malware that jumps air gaps using inaudible sound
page: 16
share:
Some of you may have read one of the threads last month regarding BadBIOS:
Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps
If Dragos Ruiu isn't crazy, "badBIOS" is the worst thing to infect a computer, ever.
One of the more interesting claims regarding this this new malware, as reported by Dragos Ruiu, is its ability to communicate between two infected PCs by transmitting HF sound, using the computers' speakers and mics.
Today I came across the following on Ars Technica:
source
The article does a very poor job of explaining that while this represents a novel (and very low bandwidth @ 20bps) mode of communication, it does not constitute a new vector for infection. That is to say, both PCs would need to have been already infected through some other means and only after being infected could such communication take place.
What it does mean is that in addition to pulling the network cable, it might be a good idea to disable built-in mics and unplug the speakers when removing an infected PC from your network.
Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps
If Dragos Ruiu isn't crazy, "badBIOS" is the worst thing to infect a computer, ever.
One of the more interesting claims regarding this this new malware, as reported by Dragos Ruiu, is its ability to communicate between two infected PCs by transmitting HF sound, using the computers' speakers and mics.
Today I came across the following on Ars Technica:
Computer scientists have developed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.
The proof-of-concept software—or malicious trojans that adopt the same high-frequency communication methods—could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.
The researchers developed several ways to use inaudible sounds to transmit data between two Lenovo T400 laptops using only their built-in microphones and speakers. The most effective technique relied on software originally developed to acoustically transmit data under water. Created by the Research Department for Underwater Acoustics and Geophysics in Germany, the so-called adaptive communication system (ACS) modem was able to transmit data between laptops as much as 19.7 meters (64.6 feet) apart. By chaining additional devices that pick up the signal and repeat it to other nearby devices, the mesh network can overcome much greater distances.
source
The article does a very poor job of explaining that while this represents a novel (and very low bandwidth @ 20bps) mode of communication, it does not constitute a new vector for infection. That is to say, both PCs would need to have been already infected through some other means and only after being infected could such communication take place.
What it does mean is that in addition to pulling the network cable, it might be a good idea to disable built-in mics and unplug the speakers when removing an infected PC from your network.
reply to post by theantediluvian
Sorry dude, this has already been posted in October in this forum.
Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps
Sorry dude, this has already been posted in October in this forum.
Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps
reply to post by Bassago
Correct. Since the OP does direct to that thread, why not just post this new data on that thread?
Correct. Since the OP does direct to that thread, why not just post this new data on that thread?
Bassago
reply to post by theantediluvian
Sorry dude, this has already been posted in October in this forum.
Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps
This thread is actually not about BadBIOS, it is about other researchers creating a proof of concept that demonstrates the feasibility of using HF signals and computers' speakers and mics to communicate covertly. While it doesn't prove Dragos Ruiu's claims, it does somewhat bolster them.
If you'll look back, you'll notice that I started off my post with a reference to BadBIOS and link to that thread .
edit on 2-12-2013 by
theantediluvian because: (no reason given)
Aleister
reply to post by Bassago
Correct. Since the OP does direct to that thread, why not just post this new data on that thread?
Because no one will see it there...
reply to post by theantediluvian
Let me tell you whats wrong with that precept.
If one were to make "sounds" that were actually encoded that could enter target computers speakers and infect its software, there would have to already be a program inside the target computer that receives and decodes the "transmission".
Why bother having a "receiver" program in place when you could just infect the computer with a virus over the same channel you infected it with the "receiver" program?
Theres no point in infecting a computer with a program that receives malware programs "over the air". Whats the range on that anyway, in the room?
Wow, highly virulent.
…it is about other researchers creating a proof of concept that demonstrates the feasibility of using HF signals and computers' speakers and mics to communicate covertly.
Let me tell you whats wrong with that precept.
If one were to make "sounds" that were actually encoded that could enter target computers speakers and infect its software, there would have to already be a program inside the target computer that receives and decodes the "transmission".
Why bother having a "receiver" program in place when you could just infect the computer with a virus over the same channel you infected it with the "receiver" program?
Theres no point in infecting a computer with a program that receives malware programs "over the air". Whats the range on that anyway, in the room?
Wow, highly virulent.
reply to post by intrptr
As I stated:
The important thing is that it represents a covert form of communication between infected PCs that exists even without any network interfaces.
As I stated:
The article does a very poor job of explaining that while this represents a novel (and very low bandwidth @ 20bps) mode of communication, it does not constitute a new vector for infection. That is to say, both PCs would need to have been already infected through some other means and only after being infected could such communication take place.
What it does mean is that in addition to pulling the network cable, it might be a good idea to disable built-in mics and unplug the speakers when removing an infected PC from your network.
The important thing is that it represents a covert form of communication between infected PCs that exists even without any network interfaces.
reply to post by theantediluvian
Whoops, right you are. You did state that. Sorry for not reading thru, I saw something wrong with it right away and spoke the same thing you did. So… theres nothing to worry about.
Unless they infect your mind with advertising, video games, and bloodlust movies.
That needs no encoding, we volunteer…
Whoops, right you are. You did state that. Sorry for not reading thru, I saw something wrong with it right away and spoke the same thing you did. So… theres nothing to worry about.
Unless they infect your mind with advertising, video games, and bloodlust movies.
That needs no encoding, we volunteer…
new topics
-
President BIDEN's FBI Raided Donald Trump's Florida Home for OBAMA-NORTH KOREA Documents.
Political Conspiracies: 2 hours ago -
Maestro Benedetto
Literature: 4 hours ago -
Is AI Better Than the Hollywood Elite?
Movies: 4 hours ago -
Las Vegas UFO Spotting Teen Traumatized by Demon Creature in Backyard
Aliens and UFOs: 8 hours ago -
2024 Pigeon Forge Rod Run - On the Strip (Video made for you)
Automotive Discussion: 8 hours ago -
Gaza Terrorists Attack US Humanitarian Pier During Construction
Middle East Issues: 9 hours ago -
The functionality of boldening and italics is clunky and no post char limit warning?
ATS Freshman's Forum: 10 hours ago -
Meadows, Giuliani Among 11 Indicted in Arizona in Latest 2020 Election Subversion Case
Mainstream News: 11 hours ago -
Massachusetts Drag Queen Leads Young Kids in Free Palestine Chant
Social Issues and Civil Unrest: 11 hours ago
top topics
-
President BIDEN's FBI Raided Donald Trump's Florida Home for OBAMA-NORTH KOREA Documents.
Political Conspiracies: 2 hours ago, 23 flags -
Krystalnacht on today's most elite Universities?
Social Issues and Civil Unrest: 14 hours ago, 9 flags -
University of Texas Instantly Shuts Down Anti Israel Protests
Education and Media: 16 hours ago, 8 flags -
Weinstein's conviction overturned
Mainstream News: 12 hours ago, 8 flags -
Supreme Court Oral Arguments 4.25.2024 - Are PRESIDENTS IMMUNE From Later Being Prosecuted.
Above Politics: 14 hours ago, 8 flags -
Massachusetts Drag Queen Leads Young Kids in Free Palestine Chant
Social Issues and Civil Unrest: 11 hours ago, 7 flags -
Gaza Terrorists Attack US Humanitarian Pier During Construction
Middle East Issues: 9 hours ago, 7 flags -
Las Vegas UFO Spotting Teen Traumatized by Demon Creature in Backyard
Aliens and UFOs: 8 hours ago, 6 flags -
Meadows, Giuliani Among 11 Indicted in Arizona in Latest 2020 Election Subversion Case
Mainstream News: 11 hours ago, 5 flags -
2024 Pigeon Forge Rod Run - On the Strip (Video made for you)
Automotive Discussion: 8 hours ago, 4 flags
active topics
-
-@TH3WH17ERABB17- -Q- ---TIME TO SHOW THE WORLD--- -Part- --44--
Dissecting Disinformation • 688 • : daskakik -
Reason of the Existence
The Gray Area • 21 • : BingoMcGoof -
President BIDEN's FBI Raided Donald Trump's Florida Home for OBAMA-NORTH KOREA Documents.
Political Conspiracies • 10 • : nugget1 -
Supreme Court Oral Arguments 4.25.2024 - Are PRESIDENTS IMMUNE From Later Being Prosecuted.
Above Politics • 85 • : Sookiechacha -
Chris Christie Wishes Death Upon Trump and Ramaswamy
Politicians & People • 24 • : nugget1 -
New whistleblower Jason Sands speaks on Twitter Spaces last night.
Aliens and UFOs • 63 • : pianopraze -
SETI chief says US has no evidence for alien technology. 'And we never have'
Aliens and UFOs • 74 • : Justoneman -
Starburst galaxy M82 - Webb Vs Hubble
Space Exploration • 6 • : Arbitrageur -
University of Texas Instantly Shuts Down Anti Israel Protests
Education and Media • 264 • : stelth2 -
VirginOfGrand says hello
Introductions • 9 • : TheMichiganSwampBuck
6