Matsuda Posted December 2, 2013 Share Posted December 2, 2013 Computer scientists have developed malware that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.The proof-of-concept software—or malicious trojans that adopt the same high-frequency communication methods—could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.The researchers, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics, recently disclosed their findings in a paper published in the Journal of Communications. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps. The new research neither confirms nor disproves Dragos Ruiu's claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today's malware."In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network," one of the authors, Michael Hanspach, wrote in an e-mail. "Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network."The researchers developed several ways to use inaudible sounds to transmit data between two Lenovo T400 laptops using only their built-in microphones and speakers. The most effective technique relied on software originally developed to acoustically transmit data under water. Created by the Research Department for Underwater Acoustics and Geophysics in Germany, the so-called adaptive communication system (ACS) modem was able to transmit data between laptops as much as 19.7 meters (64.6 feet) apart. By chaining additional devices that pick up the signal and repeat it to other nearby devices, the mesh network can overcome much greater distances.The ACS modem provided better reliability than other techniques that were also able to use only the laptops' speakers and microphones to communicate. Still, it came with one significant drawback—a transmission rate of about 20 bits per second, a tiny fraction of standard network connections. The paltry bandwidth forecloses the ability of transmitting video or any other kinds of data with large file sizes. The researchers said attackers could overcome that shortcoming by equipping the trojan with functions that transmit only certain types of data, such as login credentials captured from a keylogger or a memory dumper."This small bandwidth might actually be enough to transfer critical information (such as keystrokes)," Hanspach wrote. "You don't even have to think about all keystrokes. If you have a keylogger that is able to recognize authentication materials, it may only occasionally forward these detected passwords over the network, leading to a very stealthy state of the network. And you could forward any small-sized information such as private encryption keys or maybe malicious commands to an infected piece of construction."Remember Flame?The hurdles of implementing covert acoustical networking are high enough that few malware developers are likely to add it to their offerings anytime soon. Still, the requirements are modest when measured against the capabilities of Stuxnet, Flame, and other state-sponsored malware discovered in the past 18 months. And that means that engineers in military organizations, nuclear power plants, and other truly high-security environments should no longer assume that computers isolated from an Ethernet or Wi-Fi connection are off limits.The research paper suggests several countermeasures that potential targets can adopt. One approach is simply switching off audio input and output devices, although few hardware designs available today make this most obvious countermeasure easy. A second approach is to employ audio filtering that blocks high-frequency ranges used to covertly transmit data. Devices running Linux can do this by using the advanced Linux Sound Architecture in combination with the Linux Audio Developer's Simple Plugin API. Similar approaches are probably available for Windows and Mac OS X computers as well. The researchers also proposed the use of an audio intrusion detection guard, a device that would "forward audio input and output signals to their destination and simultaneously store them inside the guard's internal state, where they are subject to further analyses."Source Link to comment Share on other sites More sharing options...
Ambrocious Posted December 3, 2013 Share Posted December 3, 2013 (edited) There appears to be an entire underbelly of covert spying taking place, and no method of communication is apparently off the table. If you can imagine it and it is a form of communication or a known method used to communicate, it's probably already being exploited covertly as we speak. The surveillance grid is multifaceted; being built by both private contractors for hire and other groups employed to build a compartmentalized system of spying.Compartmentalization is a method used in governments or any power structure that is able to rule simply by restricting knowledge of common things. I'm assuming that the USA government reasoned that it was a good idea to compartmentalize the technology field inside of the control of the NSA and other covert spying agencies. Little groups break up and create new ways to secretly transmute data and convert it for later viewing. Each group is most likely unaware of what other groups do but the person in charge of both groups knows what both groups are doing and both groups come together to form just a small chasm of the intricate surveillance grid in place. The boss of all of the teams probably has a boss, and so on and so fourth. Probably only a small team of people are at the very top; gathering the data they need and able to see this operational spy grid nearly as though it were a weapon. If you can manage to hear everything and collect all the data, you hold a supremacy of information. Who controls or hires THESE elite hackers, now THAT I'd like to know.The reason we are all finding this out now that it's pretty much been leaked is for the purpose of intimidation and a chilling effect over the people in general. If people realize that nearly everything they do is being spied on and there isn't anything they can do about it, they lose hope and feel very small. The government here and other governments abroad are successfully doing this to their populations and of course they expect resistance and so they deploy their best distraction yet to quell the dissenters: The Race Card. Anytime they want to control people they just have to use thier branches of media like CNN and MSNBC and others to inform you just who are the bad people. Rather than see that Obama is a traitor against his own country, there are countless amounts of trendy people who would rather call you racist than accept the truth.The truth is that the whole planet is in a lot of trouble. The only thing that is going to help us all now is to choose to do the right thing even if or when it's made illegal. Edited December 3, 2013 by Ambrocious Link to comment Share on other sites More sharing options...
kn_andre Posted December 3, 2013 Share Posted December 3, 2013 ...... And here we go again .............. Link to comment Share on other sites More sharing options...
janedoe Posted December 3, 2013 Share Posted December 3, 2013 (edited) On the previous couple of BadBIOS threads I seem to remember lots of people making fun of Dragos' claims (not about BadBIOS per se but specifically that air-gapped PCs disconnected from ethernet/wifi/bluetooth can still communicate), yet this research adds to previous proof that such things are not as far-fetched as people thought. Perhaps all the naysayers would now care to respond? (Not that I expect them to, since truth is always a bitter pill to swallow.) Edited December 3, 2013 by janedoe Link to comment Share on other sites More sharing options...
bigcid10 Posted December 4, 2013 Share Posted December 4, 2013 Comeooon Man!!!!!be for real ! Link to comment Share on other sites More sharing options...
truemate Posted December 13, 2013 Share Posted December 13, 2013 Using the microphones and speakers that come standard in many of today's laptop computers and mobile devices, hackers can secretly transmit and receive data using high-frequency audio signals that are mostly inaudible to human ears, a new study shows.Michael Hanspach and Michael Goetz, researchers at Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics, recently performed a proof-of-concept experiment that showed that "covert acoustical networking," a technique which had been hypothesized but considered improbable by most experts, is indeed possible.Their findings, detailed in a recent issue of the Journal of Communications, could have major implications for electronic security."If you have a high demand for information security and assurance, you would need to prepare countermeasures," Hanspach wrote in an email to Inside Science.In particular, it means "air-gapped" computers — that is, computers that are not connected to the Internet — are vulnerable to malicious software designed to steal or corrupt data."This is indeed a newsworthy development," said retired Navy Capt. Mark Hagerott, a cybersecurity professor at the U.S. Naval Academy in Annapolis, Md.In their experiments, Hanspach and Goetz were able to transmit small packets of data between two air-gapped Lenovo business laptops separated by distances of up to about 65 feet (20 meters). Moreover, by chaining additional devices that picked up the audio signal and repeated it to other nearby devices, the researchers were able to create a "mesh network" that relayed the data across much greater distances. Importantly, the researchers were able to emit and record the ultrasonic and near-ultrasonic frequencies, which cannot be detected by humans, using the sound processor, speakers and microphone that came standard with the laptops.While not practical for transmitting video or other large files, this low transmission rate is still sufficient for sending and receiving keystrokes and other sensitive data such as private encryption keys or login credentials.Source Link to comment Share on other sites More sharing options...
Chancer Posted December 13, 2013 Share Posted December 13, 2013 I'm sure I've seen this before and most members discredited it. Link to comment Share on other sites More sharing options...
stylemessiah Posted December 13, 2013 Share Posted December 13, 2013 Last time something similar came our way it was some bullshit about BIOS hacking with wireless signals...and that machines were vulnerable even with the power cords disconnected...that last part about not needing to be powered was enough to rate a bullshit rating.What boggles me is why, even if this was true, you would bother, theres far faster and more stable existing technologies that can be easily hacked...oh wait ive just added another reason why this is bullshit.... Link to comment Share on other sites More sharing options...
Dodel Posted December 13, 2013 Share Posted December 13, 2013 (edited) Computer scientists have brewed up prototype malware that's capable of communicating across air gaps using inaudible sounds.The mesh network capable of covertly communicating without wireless or wired connections was developed by Michael Hanspach and Michael Goetz. It borrows its founding principles from established systems for robust underwater communication.In the system, communications could be maintained over multiple hops for purposes including managing malware-infected machines, as the abstract of a paper for a recent edition of the Journal of Communications explains. The researchers go on to outline possible countermeasures against such fiendish malware, including shielding systems from exposure to high frequency sounds.Source: http://www.theregister.co.uk/2013/12/05/airgap_chatting_malware/Technical Documentation on this: http://www.jocm.us/uploadfile/2013/1125/20131125103803901.pdfIn this article, we specifically target covert communications over acoustical emanations, utilizing speakers and microphones (available in commonly available computingsystems). Edited December 13, 2013 by Dodel Link to comment Share on other sites More sharing options...
Holmes Posted December 23, 2013 Share Posted December 23, 2013 (edited) On the previous couple of BadBIOS threads I seem to remember lots of people making fun of Dragos' claims (not about BadBIOS per se but specifically that air-gapped PCs disconnected from ethernet/wifi/bluetooth can still communicate), yet this research adds to previous proof that such things are not as far-fetched as people thought. Perhaps all the naysayers would now care to respond? (Not that I expect them to, since truth is always a bitter pill to swallow.)According to this badbios isnt so much a fabrication:http://www.theregister.co.uk/2013/12/16/nsa_alleges_bios_plot_to_destroy_pcs/This is aweful I guess china really hates us or someone around us.. Edited December 23, 2013 by Holmes Link to comment Share on other sites More sharing options...
Recommended Posts