Scientists create computer virus that transfers stolen data using inaudible sounds
The malware has a low data transmission rate, but could be used to send passwords and login information
Tuesday 03 December 2013
Computer scientists from Germany have developed a new form of malware that can transmit data from hacked computers using an audio signal inaudible to humans.
Just using the built-in speakers and microphone in a pair of commercially available laptops, the researchers were able to transfer small amounts of sensitive data across a distance of almost 65 feet.
The team involved also predicted that this distance could be increased significantly using a network of controlled devices to relay the data acoustically.
The discovery is of particular relevance to high-security computer networks where sensitive data is often protected with an “air gap”, meaning that the devices are physically disconnected from any networks, including the internet.
Fortunately for the governments and large institutions that use these measures, the target computer still has to be infected with malware via more traditional means before it can transmit data.
The research was published in the Journal of Communications, and was led by a team from Germany’s Fraunhofer Institute for Communication, Information Processing, and Ergonomics.
Speaking to technology site Ars Technica, Michael Hanspach, one of the paper’s authors, said that the proof-of-concept software they had developed meant that air gaps “can be considered obsolete.”
“Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other,” said Hanspach.
The procedures used to transfer the data over sound waves were based on software developed by Germany’s Research Department for Underwater Acoustics and Geophysics to communicate acoustically underwater.
One significant drawback of the software is that the data transmission rate was only 20 bits per second - enough to send basic text, but too small to transfer any larger multimedia, such as video. The researchers, however, do not think that this is much of a problem:
“This small bandwidth might actually be enough to transfer critical information (such as keystrokes)," Hanspach told Ars Technica. "And you could forward any small-sized information such as private encryption keys or maybe malicious commands to an infected piece of construction."
It’s unlikely that this new technique will be of any use to commercial hackers (creating an acoustic mesh to transfer stolen information would be extremely inefficient compared to simply connecting via the web) but state-sponsored hackers might consider adding this to their arsenal.
Hanspach and his team did also suggest a number of countermeasures, including using audio software that filters out high-range frequencies or simply disconnecting any speakers and microphones connected to a computer.
Board creates magnetic field to achieve lift
Singer says the track was 'force-fed down people's throats'
Endangered species spotted in a creek in the Qinling mountains
Company says data is only collected under 'temporary' identities that are discarded every 15 minutes
Trend which requires crisps, a fork and a strong stomach is sweeping Mexico's streets
George Lucas criticises the major Hollywood film studios
Some experiencing postnatal depression don't realise there is a problem. What can be done?
Life & Style blogs
iPhone 6 'catches on fire and burns man's leg after bending in his pocket'
Are you ready for Crazy Doritos, the red-hot snack food craze sweeping Mexico’s streets?
Drink alcohol and eat meat to improve male fertility - but cut down on coffee, studies suggest
The inventor of the Facebook 'like' button says he never made a 'dislike' button because he feared the 'unfortunate consequences'
What lies beneath La Perla's 60 years of luxury lingerie?
Cameron is warned 'no possibility' of UK reducing immigration and that bid to bring in quota on migrant workers would be illegal
Residents should throw a street party and mix with immigrant neighbours, councils told
Russell Brand threatened with arrest after filming outside Fox News headquarters
London bus driver 'kicks gay couple off for kissing'
Lord Freud: Tory welfare minister apologises after saying disabled people are 'not worth’ the minimum wage
Lord Freud hangs on as MPs of all parties 'call for his head' over disability comments
- 1 Jack the Ripper: Scientist who claims to have identified notorious killer has 'made serious DNA error'
- 2 Banksy arrest hoax: Internet duped by fake report claiming street artist's identity has been revealed
- 3 Drink alcohol and eat meat to improve male fertility - but cut down on coffee, studies suggest
- 4 Former East 17 frontman Brian Harvey turns up at Downing Street and 'demands to speak to Prime Minister'
- 5 The inventor of the Facebook 'like' button says he never made a 'dislike' button because he feared the 'unfortunate consequences'
iJobs Gadgets & Tech
£20000 - £22000 per annum + Benefits: Ashdown Group: IT Support Analyst - Chel...
£25 - 28k (DOE) + Benefits: Guru Careers: A PPC Account Executive is needed to...
£35 - 45k + Benefits: Guru Careers: We are seeking a tech savvy Android Develo...
£30 - 35k + 25% Y1 OTE + Fantastic Benefits: Guru Careers: We are seeking an e...