04/12/2013

Malware that can Infect and transfer stolen data using Inaudible Audio signals

If you think that a computer which is not connected to a network, doesn't have any USB sticks attached to it and doesn’t accept any kind of electronic connection requests are reasonably safe against hackers and from all the malware, then you are Wrong. Here we have something shocking update that Some German Scientists have developed a proof of concept Malware prototype, could allow a hacker to infect your computers and other digital devices just using Inaudible Audio signals. The ability to bridge an air gap could be a potent infection vector. Just imagine, a cyber attack using high-frequency sound waves to infect machines, where stolen data also can be transferred back to attacker without a network connection, Sounds very terrifying ? When a few weeks ago, a security researcher /Dragos Ruiu/ claimed malware dubbed /badBIOS allowed infected machines to communicate using sound waves alone, means that the devices are physically disconnected from any networks, including the internet, people said he was crazy.  But Now German Researchers have published a paperon how malware can be designed to cross the air gap by transmitting information through speakers and recording it via microphone. Rather than relying on TCP-IP, they used a network stack originally developed for underwater communication and the signal was propagated through the use of a software-defined modem based on the GNU Radio project.

- In a scenario based hacking, “/The infected victim sends all recorded keystrokes to the covert acoustical mesh network. Infected drones forward the keystroke information inside the covert network till the attacker is reached, who is now able to read the current keyboard input of the infected victim from a distant place./” paper explained. Malware that can Infect and transfer stolen data using Inaudible Audio signals
- In another scenario, the researchers used sound waves to send keystroke information to a network-connected computer, which then sent the information to the attacker via email.

While the research doesn’t prove Dragos Ruiu’s badBIOS claims, but it does show that even if the system is disconnected from any network, could still be vulnerable to attackers. However, I would like to appreciate /Dragos/ dedication about badBIOS research because this extraordinary concept was first introduced by him only. Researchers POC Malware is able to transfer data at 20 bits per second only, which is very low, but that's still capable of transferring your password or credit card number to the hacker in a few seconds.

Some basic countermeasures one can adopt to protect against such malware
are:
* Switching off the audio input and output devices from the system.
* Employ audio filtering that blocks high-frequency ranges.
* Using an Audio Intrusion Detection Guard.
Lets see how Antivirus companies will handle such threats to protect home users.

http://thehackernews.com/2013/12/Malware-Inaudible-Audio-signals-badbios-virus.html

No comments :

Post a Comment