New “Air-ViBeR” Attack Strategy Targets Air-gapped Systems

  •  
  •  
  •  
  • 2
  •  
  •  
  •  
    2
    Shares

Researchers have found another attack strategy targeting air-gapped systems. Dubbed as Air-ViBeR attack, this technique makes use of PC vibrations to steal data.

Air-ViBeR Attack Stealing Data

Researchers from the Ben-Gurion University of the Negev, Israel, have devised another attack method targeting air-gapped systems. This strategy, termed as Air-ViBeR attack, leverages PC vibrations due to the fans to steal information.

Briefly, they set up a malware dubbed ‘Air-ViBeR’ that can control the speed of a PC’s internal fans. They could then sense these malware-generated vibrations via smartphone’s accelerometers. Being a device sensor, any app can access the accelerometer without user permissions. Hence, an adversary can record all the vibrations via a malicious app installed on a smartphone placed on the same surface as that of the target air-gapped system. Consequently, this will allow the attacker to exfiltrate sensitive data from the target systems.

In a real-world scenario, an attacker merely has to infect the smartphone of an individual who would deal with the target sir-gapped system. Without being present to the proximity of the device, the attacker can steal the information.

Most modern smartphones have accelerometer sensors installed. Accessing this sensor requires no explicit user permissions on both iOS and Android. Any app installed on the phone or even JavaScript code from the web browser can access these sensors. All these factors expand the feasibility of the attack.

Details about Air-ViBeR are available in the researchers’ white paper. See the following video how the attack would take place on an air-gapped system.

Air-ViBeR Is ‘Smart’ But Not ‘Fast’

Although, this innovative attack method bears great potential to attack a target system successfully. The biggest limitation of this attack is its speed. According to researchers,

in a typical workplace scenario… data can be exfiltrated at a speed of half a bit per second via the covert vibrations.

This makes the attack presently unfeasible for an adversary unless the attacker is patient enough to wait for the information. This is even slower than the BRIGHTNESS attack which demonstrated a data transfer rate of 5-10 bps.

The researchers have also suggested some other countermeasures with their flaws (listed in the below table).

countermeasures for AirViBeR attack

Let us know your thoughts in the comments.

The following two tabs change content below.

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Do NOT follow this link or you will be banned from the site!