|
The
attack program takes control of the physical prongs on
general-purpose input/output circuits and vibrates them at a
frequency of the researchers’ choosing, which can be audible or
not. The vibrations can be picked up with an AM radio antenna a
short distance away.
For decades, spy agencies and researchers have sought arcane
ways of extracting information from keyboards and the like,
successfully capturing light, heat and other emanations that
allow the receivers to reconstruct content.
The new makeshift transmitting antenna, dubbed “Funtenna” by
lead researcher Ang Cui of Red Balloon Security, adds another
potential channel that likewise be would be hard to detect
because no traffic logs would catch data leaving the premises.
Cui showed the system in action for a few reporters ahead of his
talk Wednesday at the annual security conference Black Hat in
Las Vegas. He said he would release “proof-of-concept” code
after the talk, allowing other researchers and potentially
malicious hackers to build on his work.
Hackers would need an antenna close to the targeted building to
pick up the sound waves, Cui said, and they would need to find
some way to get inside a targeted machine and convert the
desired data to the format for transmission.
But the tool’s development over the past two years is another
illustration that a broadening array of devices can be
manipulated in unpredictable ways and that attackers increase
their advantage over defenders as gadgets grow more complex.
(Reporting by Joseph Menn; Editing by Cynthia Osterman)
[© 2015 Thomson Reuters. All rights
reserved.] Copyright 2015 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed. |
|
