Exfiltrating Data from Air-Gapped Computers via Wi-Fi Signals (Without Wi-Fi Hardware)

2020-12-15 01:20

A security researcher has demonstrated that sensitive data could be exfiltrated from air-gapped computers via a novel technique that leverages Wi-Fi signals as a covert channel-surprisingly, without requiring the presence of Wi-Fi hardware on the targeted systems.

Dubbed "AIR-FI," the attack hinges on deploying a specially designed malware in a compromised system that exploits "DDR SDRAM buses to generate electromagnetic emissions in the 2.4 GHz Wi-Fi bands" and transmitting information atop these frequencies that can then be intercepted and decoded by nearby Wi-Fi capable devices such as smartphones, laptops, and IoT devices before sending the data to remote servers controlled by an attacker.

Air-gapped computers - machines with no network interfaces - are considered a necessity in environments where sensitive data is involved in an attempt to reduce the risk of data leakage.

AIR-FI is unique in that the method neither relies on a Wi-Fi transmitter to generate signals nor requires kernel drivers, special privileges such as root, or access to hardware resources to transmit the data.

The AIR-FI malware shows "How attackers can exfiltrate data from air-gapped computers to a nearby Wi-Fi receiver via Wi-Fi signals," he added.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/k8wMtf_7qnQ/exfiltrating-data-from-air-gapped.html

#signal #wifi