Malware Utilizes Fan Noise of Air-Gapped Computer to Transmit Data
Long time back researchers devised ways for pilfering data from computers not connected to the Internet with the aid of acoustic, thermal, optic as well as electromagnetic hidden channels. Also, when it was demonstrated that it was possible to steal data utilizing the external else internal speakers of a PC, lot of organizations prohibited the use of these items on air-gapped systems to maintain the required security.
A group of four security investigators belonging to Israel's Ben-Gurion University of the Negev recently developed a malware strain called Fansmitter which utilizes fans appended to a PC for transmitting data out of the computer it infects.
Since any database primarily gets displayed in certain series of zeros and ones, Fansmitter was created for compromising the speed of a PC's fan while get the fan to run by 2 separate speeds, matching with binaries "0" and "1" respectively. Softpedia.com posted this online dated June 24, 2016.
In the meantime, an attack with Fansmitter would work solely on computers without speakers, thus preventing attackers from utilizing acoustic channels for acquiring intended data.
The investigators wrote within the research paper that with Fansmitter, attackers could effectively send out encryption keys and passwords stored on certain air-gapped PC, without speakers, onto any mobile phone physically near and around the system. Other than desktop PCs, the Fansmitter attack worked with other types of systems that did not have audio system, while contained a cooling fan like in control systems, printers, and so on.
For better transfer of data via Fansmitter, the malware's rate of frequency requires increasing. For example, by applying a 2,000-2,500 RPM rotation measure, it was possible for transmitting 10 bits/min covering distance of 4 meters, while a 4,000-4,250 RPM rotation range enabled transmission of 15 bits/min covering distance of 1 meter. If attackers reduced the fan's speed, the distance over which data was to be transferred also reduced. By applying 0/1 frequencies, data could be transmitted then also, however, that made data open to behind the screen noise. PC fans generally gave out noise within 100 Hz-600 Hz range that human ear could hear.
» SPAMfighter News - 7/1/2016