fbpx
 
Home / News, Videos & Publications / News / Homeland & Cyber Security /

New Malware Turns Computer Into a Cellular Antenna

New Malware Turns Computer Into a Cellular Antenna

August 13, 2015

Homeland & Cyber Security

Computerworld — A group of BGU cyber security researchers have improved on a way to steal data from air-gapped computers, thought to be safer from attack due to their isolation from the Internet.

They’ve figured out how to turn the computer into a cellular transmitter, leaking bits of data that can be picked up by a nearby low-end mobile phone.

While other research has shown it possible to steal data this way, some of those methods required some hardware modifications to the computer. This attack uses ordinary computer hardware to send out the cellular signals.

BGU researchers have figured out how to steal data from an air-gapped computer without hardware modifications.

BGU researchers have figured out how to steal data from an air-gapped computer without hardware modifications.

“If somebody wanted to get access to somebody’s computer at home — let’s say the computer at home wasn’t per se connected to the Internet — you could possibly receive the signal from outside the person’s house,” says Yisroel Mirsky, a doctoral student at Ben-Gurion University and co-author of the research study.

The air-gapped computer that is targeted does need to have a malware program developed by the researchers installed. This could be accomplished by creating a type of worm that infects a machine when a removable drive is connected. It’s believed this method was used to deliver Stuxnet, the malware that sabotaged Iran’s uranium centrifuges.

The malware, called GSMem, acts as a transmitter on an infected computer. It creates specific, memory-related instructions that are transmitted between a computer’s CPU and memory, generating radio waves at GSM, UMTS and LTE frequencies that can be picked up by a nearby mobile device.

The research was conducted by Mirsky along with lead researcher Ph.D. student Mordechai Guri, Assaf Kachlon, Ofer Hasson, and Gabi Kedma, supervised by Prof. Yuval Elovici, director of BGU’s Cyber Security Research Center.

It will be featured this week at the 24th USENIX Security Symposium in Washington, D.C.

Read more on the Computerworld website >>