Vote 2020 graphic
Everything you need to know about and expect during
the most important election of our lifetimes

New Malware Can Jump Air Gaps Using Inaudible Sound

Illustration for article titled New Malware Can Jump Air Gaps Using Inaudible Sound

A team of computer scientists has developed a new breed of malware, which can leap between devices using inaudible audio signals—then covertly transmit passwords and other sensitive data without a network connection.

Advertisement

Using just built-in microphones and speakers, the researchers can transmit passwords and other small quantities data over distances of 65 feet. Talking to Ars Technica, the computer scientists, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics, explained:

"In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network. Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other."

Advertisement

The inaudible sound, borrowed from techniques used to acoustically transmit data under water, allowed the team to transmit data between two Lenovo T400 laptops using just their built-in microphones and speakers. They could only achieve a data rate of 20 bits per second, but that's plenty enough to grab passwords and the like, as they write in a paper published in the Journal of Communications. Again, the researchers explain:

"This small bandwidth might actually be enough to transfer critical information (such as keystrokes). You don't even have to think about all keystrokes. If you have a keylogger that is able to recognize authentication materials, it may only occasionally forward these detected passwords over the network, leading to a very stealthy state of the network. And you could forward any small-sized information such as private encryption keys or maybe malicious commands to an infected piece of construction."

In incredibly sensitive environments, computers are often left with air gaps between them so physical contact can't be used to transmit malware. This research means that might not be quite as fail-safe in the future—unless you just disable their audio capabilities, that is. [Journal of Communications via Ars Technica]

Image credit: Markus Gann/Shutterstock

Advertisement

Share This Story

Get our newsletter

DISCUSSION

And how does one get this "transceiver" capability ONTO the other side of the air gap, eh?

What they actually did is a proof of concept of the software equivalent of "sleeper agent". You have to get the transceiver onto the target computer first... PAST the air gap. THEN you can control it via this ULF from beyond the air gap. Sleeper agent because transceiver does nothing until given a command.

But that's really no different than getting Sam Fisher (Splinter Cell) planting a bug inside the enemy network, is it?

Frankly, it'd be easier to embed tiny variations in the normal "windows beep". Nobody bats an eye at a random Windows error message and a difference nobody can hear. However, when recorded (via a cell phone?) and compared with a normal sample the difference can be decoded into a string.