The Ultrasonic, Air-gap Jumping Malware

This is fascinating! Open your mind and suppress scepticism for a moment...

Dragos Ruiu, a security consultant, has apparently been investigating malware that affects computer hardware at a very low level and, most interestingly, communicates with and 'heals' instances of itself on other machines using ultrasonic networking via the infected machines' speakers and microphones. It manages to bridge the air gap and send data between machines with no network or bluetooth hardware.

Ruiu said he arrived at the theory about badBIOS's high-frequency networking capability after observing encrypted data packets being sent to and from an infected laptop that had no obvious network connection with—but was in close proximity to—another badBIOS-infected computer. The packets were transmitted even when the laptop had its Wi-Fi and Bluetooth cards removed. Ruiu also disconnected the machine's power cord so it ran only on battery to rule out the possibility that it was receiving signals over the electrical connection. Even then, forensic tools showed the packets continued to flow over the airgapped machine. Then, when Ruiu removed the internal speaker and microphone connected to the airgapped machine, the packets suddenly stopped.

Just go and read about it. Even if it turns out to be a far fetched story, just the concept is pretty incredible.

And rather scary. It is halloween after all...

Henry BourneComment