Israeli cyber security expert reveals the newest attack for stealing network data.
Security researchers at the Ben-Gurion University of the Negev (BGU) found that attackers can secretly obtain data (such as encryption keys, passwords and files) from extremely secure or air-gapped networks via the row of status LEDs that exists in networking devices such as LAN routers and switches.
I assume that you have noticed routers and switches flashing to show that data is being transferred and your Internet is connected. But a malware can infect your router and make the device LEDs to flash very fast in a series that an attacker or hacker with internal access to a remote or local camera, or with a light sensor hidden in the room, can record the LED’s sequences and decode the signals.
The Israeli cyber security researchers made their own malware application that is called xLED that is work by infecting the firmware of the router and enabled the attackers to steal network data.
The malware can make the router’s LEDs to flash quickly like 1,000 flashes per second for each LED. Since a normal router or switch holds six or more status LEDs, thousands of bits per second can be encoded.