Security News > 2023 > March > CASPER attack steals data using air-gapped computer's internal speaker
Researchers at the School of Cyber Security at Korea University, Seoul, have presented a new covert channel attack named CASPER can leak data from air-gapped computers to a nearby smartphone at a rate of 20bits/sec.
The CASPER attack leverages the internal speakers inside the target computer as the data transmission channel to transmit high-frequency audio that the human ear cannot hear and convey binary or Morse code to a microphone up to 1.5m away.
The malware will encode the data to be exfiltrated from the target in binary or Morse code and transmit it through the internal speaker using frequency modulation, achieving an imperceptible ultrasound in a range between 17 kHz and 20 kHz.
A solution to the slow data rate would be to vary the frequency band for multiple simultaneous transmissions; however, internal speakers can only produce sound in a single frequency band, so the attack is practically limited.
The researchers shared ways to defend against the CASPER attack, with the simplest being to remove the internal speaker from mission-critical computers.
Xenomorph Android malware now steals data from 400 banks.