November 2, 2014 by

AirHopper: Remotely Stealing Information from Offline Computers Using FM Waves

To protect some extremely sensitive information, many companies and government agencies have decided to keep some of their computers completely offline. This means no WiFi, no LAN, or any other sort of communication with the outside at all. But even these extreme security precautions are not going to stand in the way of progress.

A team of security researchers at the Cyber Security Labs at the Ben Gurion University, Israel, have come up with a way to remotely read information from a super-secure offline computer using nothing but FM radio waves. Mordechai Guri and Yuval Elovici presented their research at the IEEE International conference this Thursday and even provided a proof-of-concept malware named AirHopper.

The precise mechanics of this sort of snooping app are complicated. Simplified, in essence, when installed on a smartphone, the malware picks up on the radio emissions from the screen of the computer in question. The data is picked up at a bandwidth of 13-60 bytes per second and have an effective range of 1-7 meters, which is “enough to steal a secret password,” as one of the researchers points out. The team said they developed it to prepare for this sort of an attack in the future.

The video below demonstrates this process:

 

 

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Hackers Steal $400,000 of Cryptocurrency in DNS Hijack

Unknown hackers have hijacked the DNS server for web-based wallet application BlackWallet, an online...

Read more arrow_forward

47 Million Emails/Day: Necurs Botnet Launches Massive Ransomware Campaign

A cybersecurity firm has revealed it has blocked as many as 47 million emails per day spewed by the...

Read more arrow_forward

Cybercriminals Spoof Millions of Printers, Scanners to Spread Malware

Security researchers have discovered cybercriminals spoofing millions of scanners to launch attacks...

Read more arrow_forward