Serafim
Advanced
- Joined
- 28.09.20
- Messages
- 129
- Reaction score
- 1,172
- Points
- 93
Experts from Israel's Ben-Gurion University demonstrated the AIR-FI attack, a new method for extracting data from machines that are physically isolated from any networks and potentially dangerous peripherals. such computers are often found in government systems and corporate networks, they store secret documents, as well as private and confidential information.
This time, the researchers proposed turning RAM into an improvised wireless emitter for transmitting data "over the air".
At the heart of the AIR-FI attack is the fact that any electronic component generates electromagnetic waves when an electric current passes through. Since Wi-Fi is radio waves, which is very close to electromagnetic waves, the researchers write that in theory, a hacker can manipulate the power supply of RAM in such a way as to generate electromagnetic waves with a frequency corresponding to the frequency of the Wi-Fi signal (2.4 GHz).
In their report and accompanying video, the experts show that carefully controlled RAM read-write operations can cause the memory bus to emit electromagnetic waves similar to a weak Wi-Fi signal. This signal can be received by any Wi-Fi-enabled device located near an isolated computer, such as a smartphone, laptop, IoT device, smartwatch, and so on.
Experts tested AIR-FI on various isolated systems and eventually were able to transmit data at speeds of up to 100 bits / second to devices located a few meters away from the compromised machine.
AIR-FI is not the first exotic attack developed by specialists from Ben-Gurion University (a list of other attacks can be seen below), but the researchers note that this method is one of the easiest to implement. after all, in this case, the attacker does not need to get root/administrator rights before launching his exploit. In fact, this allows the attack to run on any OS and even on virtual machines. It is also noted that most modern RAM strips can easily emit signals in the 2.4 GHz band, and old memory is not difficult to overclock to achieve the desired effect.
Among other developments of scientists from Ben-Gurion University, the following can be mentioned:
usbee: turns almost any usb device into an rf transmitter for transmitting data from a secure pc;
DiskFiltration: Intercepts information by recording the sounds that the computer's hard drive makes while the computer is running;
AirHopper: Uses the FM receiver in the mobile phone to analyze the electromagnetic radiation coming from the computer's video card and turns it into data;
Fansmitter: adjusts the speed of the cooler on the infected machine, so that the tone of the cooler changes, it can be listened to and recorded, extracting data;
GSMem: transfers data from an infected PC to any, even the oldest push-button phone, using GSM frequencies;
BitWhisper: uses thermal sensors and thermal energy fluctuations;
an unnamed attack that uses flatbed scanners and smart light bulbs to transmit information;
hvacker and air-Jumper: data theft using surveillance cameras that are equipped with IR LEDs (infrared LEDs), as well as use as a "bridge" to isolated networks of heating, ventilation and air conditioning systems;
MOSQUITO: data extraction is suggested to be carried out using conventional headphones or speakers;
powerhammer: It is suggested to use regular power cables to extract data;
ctrl-alt-led: caps lock, num lock and scroll lock diodes are used to extract information;
BRIGHTNESS: Retrieves data by changing the brightness of the monitor screen.
This time, the researchers proposed turning RAM into an improvised wireless emitter for transmitting data "over the air".
At the heart of the AIR-FI attack is the fact that any electronic component generates electromagnetic waves when an electric current passes through. Since Wi-Fi is radio waves, which is very close to electromagnetic waves, the researchers write that in theory, a hacker can manipulate the power supply of RAM in such a way as to generate electromagnetic waves with a frequency corresponding to the frequency of the Wi-Fi signal (2.4 GHz).
In their report and accompanying video, the experts show that carefully controlled RAM read-write operations can cause the memory bus to emit electromagnetic waves similar to a weak Wi-Fi signal. This signal can be received by any Wi-Fi-enabled device located near an isolated computer, such as a smartphone, laptop, IoT device, smartwatch, and so on.
Experts tested AIR-FI on various isolated systems and eventually were able to transmit data at speeds of up to 100 bits / second to devices located a few meters away from the compromised machine.
AIR-FI is not the first exotic attack developed by specialists from Ben-Gurion University (a list of other attacks can be seen below), but the researchers note that this method is one of the easiest to implement. after all, in this case, the attacker does not need to get root/administrator rights before launching his exploit. In fact, this allows the attack to run on any OS and even on virtual machines. It is also noted that most modern RAM strips can easily emit signals in the 2.4 GHz band, and old memory is not difficult to overclock to achieve the desired effect.
Among other developments of scientists from Ben-Gurion University, the following can be mentioned:
usbee: turns almost any usb device into an rf transmitter for transmitting data from a secure pc;
DiskFiltration: Intercepts information by recording the sounds that the computer's hard drive makes while the computer is running;
AirHopper: Uses the FM receiver in the mobile phone to analyze the electromagnetic radiation coming from the computer's video card and turns it into data;
Fansmitter: adjusts the speed of the cooler on the infected machine, so that the tone of the cooler changes, it can be listened to and recorded, extracting data;
GSMem: transfers data from an infected PC to any, even the oldest push-button phone, using GSM frequencies;
BitWhisper: uses thermal sensors and thermal energy fluctuations;
an unnamed attack that uses flatbed scanners and smart light bulbs to transmit information;
hvacker and air-Jumper: data theft using surveillance cameras that are equipped with IR LEDs (infrared LEDs), as well as use as a "bridge" to isolated networks of heating, ventilation and air conditioning systems;
MOSQUITO: data extraction is suggested to be carried out using conventional headphones or speakers;
powerhammer: It is suggested to use regular power cables to extract data;
ctrl-alt-led: caps lock, num lock and scroll lock diodes are used to extract information;
BRIGHTNESS: Retrieves data by changing the brightness of the monitor screen.