As experts suggest, the best way to prevent your computer from being infected by malwares is to keep it offline, but how reliable it can be when you have already heard about Dragos Ruiu’s BadBios – the malware that can infect air-gapped systems by means of high-frequency sound waves? Is BadBIOS real?
Scientists have invented a malware prototype that can transmit data between computers that are not networked to each other, all by means of inaudible audio signals.
The malware can surreptitiously transmit keystrokes and other sensitive information even when the infected machines have no network connection. It uses high-frequency communication method to bridge the air gap – a type of security where network is kept secured by isolating from other local networks and the Internet.
In one of the experiment at Germany’s Fraunhofer Institute for Communication, Information Processing, and Ergonomics – the researchers were able to transmit passwords and other small amounts of data from distance of almost 65 feet, just by using the built-in microphones and speakers of standard computers.
The distance of data transmission can be intensified to much extent by using using an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.
Michael Hanspach, one of the authors wrote in an e-mail to Arc Technica:
“In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network. Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network.”
They also developed several ways to use inaudible sounds to transmit using two Lenovo T400 laptops using only their built-in microphones and speakers and found that the system of communication so-called Adaptive Communication System (ACS) to be the most effective technique.
This technique was created by the Research Department for Underwater Acoustics and Geophysics in Germany. This system was originally developed to acoustically transmit data under water. During the experiment, the ACS modem was able to transmit data between laptops as much as 19.7 meters (64.6 feet) apart.
The researchers also proposed the use of an audio intrusion detection guard – the kind of device that would forward audio input and output signals and store the guard’s internal state for further analysis.
And, about Dragos Ruiu’s claim about badBIOS infections – it’s not yet confirmed.
The finding was first published in Journal of Communications.
[Image Credit: Hanspach and Goetz via Arc Technica]