|
 U.S.
researchers show computers can be hijacked to send data as sound waves
Send a link to a friend
[August 05, 2015]
By Joseph Menn
LAS VEGAS (Reuters) - A team of security
researchers has demonstrated the ability to hijack standard equipment
inside computers, printers and millions of other devices in order to
send information out of an office through sound waves.
|
|
 The attack program takes control of the physical prongs on
general-purpose input/output circuits and vibrates them at a
frequency of the researchers’ choosing, which can be audible or not.
The vibrations can be picked up with an AM radio antenna a short
distance away.
For decades, spy agencies and researchers have sought arcane ways of
extracting information from keyboards and the like, successfully
capturing light, heat and other emanations that allow the receivers
to reconstruct content.
The new makeshift transmitting antenna, dubbed “Funtenna” by lead
researcher Ang Cui of Red Balloon Security, adds another potential
channel that likewise be would be hard to detect because no traffic
logs would catch data leaving the premises.
Cui showed the system in action for a few reporters ahead of his
talk Wednesday at the annual security conference Black Hat in Las
Vegas. He said he would release “proof-of-concept” code after the
talk, allowing other researchers and potentially malicious hackers
to build on his work.
[to top of second column] |
Hackers would need an antenna close to the targeted building to pick
up the sound waves, Cui said, and they would need to find some way
to get inside a targeted machine and convert the desired data to the
format for transmission.
But the tool’s development over the past two years is another
illustration that a broadening array of devices can be manipulated
in unpredictable ways and that attackers increase their advantage
over defenders as gadgets grow more complex.
(Reporting by Joseph Menn; Editing by Cynthia Osterman)
[© 2015 Thomson Reuters. All rights
reserved.]
Copyright 2015 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed. |
