Window Jingle Attack Steals Data Drom PC Without Network Connection
Head Scientist at the French Signals Academy's Virology and Cryptology Lab, Eric Filiol, at the Black Hat conference in Las Vegas revealed a jingle attack which makes use of a malware to steal details from a system without a network connection.
Also, the Windows Jungle Attack is not easy to operate like other attacks that ensure remote code execution because it needs malware on the attacked system. Further, there are some dangerous situations when acquiring data from a system without any network connection.
It was also discovered that the attacks could be executed on a machine operating Windows, Mac OS X and Linux.
Filiol claimed that an isolated system is never disconnected from outside. Through covert insertion or social engineering, malware can be inserted in an offline system. Law officials make of this tool to download keylogging hardware for close observation and to acquire captured information, reported by InformationWeek on August 8, 2008.
Also, Filiol indicated that the open source Scilab program is the initiat point. The malware should replace the startup tone of Windows. And the user, who receives the information, should have some means to pick up the startup tone- a microphone that operates over long distance or hidden locally, and software to decode the exchanged data.
Security experts also said that the Jingle method could be used to create other covert modes of communication. For instance - Filiol said that data could be encoded on screen visually with the help of computer fans, write noise/hard disk read, as reported by TMCNet on August 8, 2008.
Further, Windows Jingle attack is a way for encoding user password into audio data and hiding that particular data in the startup tome of Windows. Ironically, that tone is easily audible to the pubic and can be decoded from far areas through remote or local microphone.
Also, similar cases were also recorded earlier. In 1987, the NSA discovered that the internal and intelligence security agency of the former Soviet Union, KGB, had removed the power cords and circuit boards in the US embassy in Moscow to covertly decode the message details.
Related article: Wendy’s Name Used to Steal Private Detail From Users
» SPAMfighter News - 25-08-2008
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!