Israeli researchers can steal developed a method by which malware through heat data from computers that are not connected to the Internet. BitWhisper , as the researchers from Ben Gurion University call their attack, uses the built-in thermal sensors of computers and the heat power , processor, video card and other dispensing components.
To carry out the attack, the computer that is not connected to the Internet become newly infected with malware. This could for instance via a USB stick. In addition, should read this computer next to a computer that is connected to the Internet and also been infected. The malware on the offline computer can then communicate through the heat sensor with the heat sensor of the online computer, somewhat similar to Morse code.
By allowing the temperature of the system increases and lowering the malware can forward information to the receiving system. In their model, the researchers got the first heat rise by one degree, to which in turn let to normal temperature bags.To find infected computers around the malware can periodically "ping heat" issue, for example, to determine whether a government employee has placed an infected laptop near.
The two systems can subsequently infected via the "heat-ping", which the temperature is increased by one degree, to exchange a handshake and thus set up a connection. At this time can be exchanged using this attack method only 8 bits of data per hour, reports Wired . Thus, an attacker could send a password or a secret key, but no large amounts of data.
In addition, the attack only works when the systems up to 40 centimeters far apart. According to the researchers, there are many organizations where there are multiple computers on one desk next to each other. One that is connected to the Internet, and one that is connected to an internal network. Soon the researchers will publish a report on their research. On YouTube is now a demonstration video in which one infected computer via heat signals can operate the USB rocket launcher from another infected computer.
No comments:
Post a Comment