#Hackers can steal data from air-gapped networks using a malware



A group of Israeli researchers has devised a new technique to exfiltrate data from a PC in an air-gapped network through malware controlled via scanners.



The team was composed of Ben Nassi, a graduate student at the Cyber Security Research Center at Ben-Gurion University, and his advisor Yuval Elovici, based on an idea of the prominent cryptographer Adi Shamir.
The technique could be used by hackers to establish a covert communication channel between a malicious code running on the target machine in an air-gapped network and the attacker.
The technique leverages a flatbed scanner used by the researchers to send commands to their malicious code running on the target victim’s network.
“Our method uses light transmitted by an attacker to a flatbed scanner, which is then extracted by a malware installed in the organisation.” reads the paper published by the researchers. ” Our method exploits an organisation’s scanner which serves as a gateway to the organisation, in order to establish a covert channel between a malware and an attacker. The attacker controlling the light source can be located far away from the targeted scanner”
In order to transfer data from an air-gapped network, researchers use a light source near the scanner that then receives the commands.
The scanner detects reflected light on its glass pane and translates it into binary and convert it into an image. Scanners are sensitive to any changes of light in the surrounding environment, even when a paper is on the glass or when the light source is infrared.

100723-N-9983H-006
PACIFIC OCEAN (July 23, 2010) An Evolved Sea Sparrow missile is launched from the aircraft carrier USS Carl Vinson (CVN 70). Carl Vinson is underway conducting operations off the coast of Southern California. (U.S. Navy photo by Mass Communication Specialist Seaman Matthew J. Haran/Released)
#AnonNews #AnonJekloy #AnonHQ #Hacking
Share on Google Plus

About ANON JEKLOY

    Blogger Comment
    Facebook Comment

0 comments:

Post a Comment

loading...