Home Security Air-Gapped Gadgets Can Ship Covert Morse Alerts through Community Card LEDs

Air-Gapped Gadgets Can Ship Covert Morse Alerts through Community Card LEDs

by crpt os


A security researcher who has a long line of work demonstrating novel data exfiltration methods from air-gapped systems has come up with yet another technique that involves sending Morse code signals via LEDs on network interface cards (NICs).

The approach, codenamed ETHERLED, comes from Dr. Mordechai Guri, the head of R&D in the Cyber Security Research Center in the Ben Gurion University of the Negev in Israel, who recently outlined GAIROSCOPE, a method for transmitting data ultrasonically to smartphone gyroscopes.

CyberSecurity

“Malware installed on the device could programmatically control the status LED by blinking or alternating its colors, using documented methods or undocumented firmware commands,” Dr. Guri said.

“Information can be encoded via simple encoding such as Morse code and modulated over these optical signals. An attacker can intercept and decode these signals from tens to hundreds of meters away.”

air-gapped

A network interface card, also known as a network interface controller or network adapter, is a computer hardware component that connects a computer to a computer network. LEDs integrated into the network connector notify the user of whether the network is connected, and when data activity occurs.

ETHERLED, like other adversarial approaches against air-gapped systems, requires the intruder to breach the target environment and plant malicious code that makes it possible to control the NIC LEDs.

The second phase of the attack relates to data collection and exfiltration, during which sensitive information is encoded and sent over an optical covert channel by using the network card’s status LEDs.

In the final stage, the optical signals are received via a hidden camera that’s positioned in a location with a direct line of sight with the compromised transmitting computer. Alternatively, the camera could also be a surveillance camera that’s vulnerable to remote exploitation or a smartphone that involves a rogue insider.

CyberSecurity

The attack can be used to leak various types of information, including passwords, RSA encryption keys, keystrokes, and textual content, to cameras located anywhere between 10m and 50m, a distance that can be further extended to a few hundred meters by using a telescope and special focus lenses.

Network Card LEDs

What’s more, the ETHERLED method is designed to work with peripherals or hardware that are shipped with Ethernet cards, such as printers, network cameras, network-attached storage (NAS) devices, embedded systems, and other IoT devices.

Countermeasures include restricting cameras and video recorders in sensitive zones, covering the status LEDs with black tape to block the optical emanation physically, reprogramming the software to defeat the encoding scheme, and jamming the environment to add random noise to the modulated signals.





Source link

Related Articles

xxxanti beeztube.mobi hot sexy mp4 menyoujan hentaitgp.net jason voorhees hentai indian soft core chupatube.net youjzz ez2 may 8 2023 pinoycinema.org ahensya ng pamahalaan pakistani chut ki chudai pimpmovs.com www xvedio dost ke papa zztube.mobi 300mbfilms.in صور مص الزب arabporna.net نهر العطش لمن تشعر بالحرمان movierulz plz.in bustyporntube.info how to make rangoli video 穂高ゆうき simozo.net 四十路五十路 ロシアav javvideos.net 君島みお 無修正 افلام سكس في المطبخ annarivas.net فيلم سكس قديم rashmi hot videos porncorn.info audiosexstories b grade latest nesaporn.pro high school girls sex videos real life cam eroebony.info painfull porn exbii adult pics teacherporntrends.com nepali school sex