Number: IRCNE2015082595
Date: 2015/08/09
According to “computerworld”, a group of researchers have figured out how to turn the computer into a cellular transmitter, leaking bits of data that can be picked up by a nearby low-end mobile phone.
While other research has shown it possible to steal data this way, some of those methods required some hardware modifications to the computer.
Their research, which will be featured next week at the 24th USENIX Security Symposium in Washington, D.C., is the first to show it's possible to steal data using just specialized malware on the computer and the mobile phone.
The air-gapped computer that is targeted does need to have a malware program developed by the researchers installed. That could be accomplished by creating a type of worm that infects a machine when a removable drive is connected.
The malware, called GSMem, acts as a transmitter on an infected computer. It creates specific, memory-related instructions that are transmitted between a computer's CPU and memory, generating radio waves at GSM, UMTS and LTE frequencies that can be picked up by a nearby mobile device.
"Because our malware has such a small footprint in the memory, it would be very difficult and can easily evade detection," said Mordechai Guri, also a doctoral student at Ben-Gurion.
Using a smartphone with a more powerful antenna and processor could tick up the data transfer speeds and increase the distance from which the attack could be conducted.
Some of the defenses are easy: Ban all phones, smartphones or not, from sensitive areas. Other options would be to jam cellular signals or use Faraday cages -- which are enclosures that use metal to dissipate electronic signals -- in certain areas, Mirsky said.
- 5