【数据无人机可通过电脑上LED灯和耳机窃取用户信息】

【数据无人机可通过电脑上LED灯和耳机窃取用户信息】一般的信息窃取是恶意软件通过USB驱动或者SD卡,现在数据无人机则可以通过电脑上LED指示灯的闪烁,也可通过链接电脑上的耳机捕捉空气中的震动,转换成电磁信号,进行编码进而转化成信息数据,目前专家们研究出一种方法,用Air gap的形式,即网络不连通的情况下实现数据传输和资源共享。

Hackers can steal your information simply by analyzing the LED lights on your computer

  • Attacker must plant malware on computer via a USB drive or SD card
  • Drone flies outside window with computer and analyzes the blinking LED lights
  • Lights create a Morse code-like pattern that can be translated into data
  • Experts suggests a method that disconnects sensitive computers from the web 

A new hack has been discovered that gathers sensitive information from a desktop computer's tiny blinking LED lights.

Researchers have successfully extracted a computer's secrets using a data-stealing drone that is capable of recording the Morse code-like patterns of LED indicators.

However, the team has also devised a strategy to combat the hack – a security measure that takes sensitive computer systems off the internet.

25

The hack and solution were discovered by a team at Ben-Gurion University (BGU) in Beersheba, Israel, which explained that the hack is more complex than just flying a drone to catch the blinking light.

Attackers must first have to plant malware on the system via USB or SD card in order for the drone to gather the information.

'If an attacker has a foothold in your air-gapped system, the malware still can send the data out to the attacker,' Dr. Mordechai Guri, head of research and development at BGU’s Cyber Security Research Center, told Wired.

'We found that the small hard drive indicator LED can be controlled at up to 6,000 blinks per second.

'We can transmit data in a very fast way at a very long distance.'

However, because the team found the attack, they thought it would only be right to find a solution.

Dr. Guri and his colleagues devised a method they call 'air gap', which ultimately disconnects the sensitive computer from the internet – hindering attackers' ability to gather any information from the blinking LED lights.

'If an attacker has a foothold in your air-gapped system, the malware still can send the data out to the attacker,' Dr. Guri, told Wired.

'We found that the small hard drive indicator LED can be controlled at up to 6,000 blinks per second. We can transmit data in a very fast way at a very long distance.'

Exploiting the computer's hard drive indicator LED has the potential to be an even stealthier, higher-bandwidth and longer-distance form of air-gap-hopping communications.

By transmitting data from a computer's hard drive LED with Morse code-like patterns of on and off signals, the researchers found they could move data as fast as 4,000 bits per second, or close to a megabyte every half hour.

26

A separate team at the university found a hack that uses your computer headphones against you.

Researcher designed a code called 'Speake(a)r, which 'retasks' a computer's outputs to inputs - allowing them to record audio even when the headphones were in the output-only jack.

27

The team used a pair of headphones to capture vibrations in the air and converted them to electromagnetic signals to record audio from 20 feet across a room.

'The fact that headphones, earphones and speakers are physically built like microphones and that an audio port's role in the PC can be reprogrammed from output to input creates a vulnerability that can be abused by hackers,' says Prof. Yuval Elovici, director of the BGU Cyber Security Research Center (CSRC) and member of BGU's Department of Information Systems Engineering.

原文链接:http://www.dailymail.co.uk/sciencetech/article-4250910/Hackers-steal-data-LED-lights-computer.html


Comments are closed.



无觅相关文章插件