Chances are, if your computer is hooked up to the Internet, via a wire or wirelessly, you are vulnerable to hackers.Physically isolating the computer is one way to protect against such nefarious activities, and in the realm of cybersecurity, taking such anti-surveillance measures creates what’s known as an “air gap.” The only way the device’s security can be breached is if someone physically plants a bug on the machine via a USB drive, for example.
Researchers have developed a proof-of-concept malware that can infiltrate a closed network to lift data from a machine that has been kept completely isolated from the internet or any Wi-Fi connection by using little more than a mobile phone’s FM radio signals.
Researcher Mordechai Guri, along with Professor Yuval Elovici of Ben Gurion University, presented the research on Thursday in the 9th IEEE International Conference on Malicious and Unwanted Software (MALCON 2014) held at Denver.This new technology is known as ‘AirHopper’ — basically a keylogger app to track what is being typed on the computer or the mobile phone.
AirHopper is a special type of keylogger because it uses radio frequencies to transmit data from a computer, all by exploiting the computer’s monitor display, in order to evade air-gap security measures.
“This is the first time that a mobile phone is considered in an attack model as the intended receiver of maliciously crafted radio signals emitted from the screen of the isolated computer,” according to a release by Ben Gurion University.
“AirHopper demonstrates how textual and binary data can be exfiltrated from physically a (sic) isolated computer to mobile phones at a distance of 1-7 meters, with effective bandwidth of 13-60 (bytes per second). Enough to steal a secret password.”