google-site-verification: google30a059f9a075f398.html

MOSQUITO Attack Allows Air-Gapped Computers to Covertly Exchange Data

CyberWisdom Safe Harbor Commentary on MOSQUITO Attack:

What is most likely to be an overlooked story from thehackernews.com looks to a team of security researchers that have demonstrated how the attackers stole data from the air gap voided computers protected in the Faraday cage and relaunched a new study showing how to install two (or more) units in the same room. The computer with the air gap inside hides and exchanges data through ultrasound.
Void computers are considered the safest settings, where the system is isolated from the Internet and local networks and requires physical access to access data via USB flash drives or other removable media.
The new technology MOSQUITO discovered by the research group of Ben Gurion University in Israel reversed the connected speakers (passive speakers, headphones or headphones) to microphones by using specific audio chip functions.

Two years ago, the same team of researchers demonstrated how an attacker could use malicious software to invert your headset (connected to an infected computer) to a microphone (such as an eavesdropping device) and eavesdrop on private conversations in your room.
Now, through its latest research [PDF], the team has taken their work to a new level and found a way to convert some of the speakers/headphones/earphones that were not originally used for microphones into listening devices – when standards The microphone is not present, muted, recorded or closed.

Air Jumping Computer Hacker

Since some speakers/headphones/headphones responded well to the near-ultrasonic range (18kHz to 24kHz), the researchers found that this hardware could be used in reverse as a microphone.
Also, when it comes to covert communications, it is clear that two computers cannot exchange data through audible sound using speakers and headphones. Therefore, inaudible ultrasound provides the best acoustic covert channel for communication between speakers and speakers.
Video demonstration of MOSQUITO attack

Ben Gurion’s Cyber Security Research Center, directed by 38-year-old Modikai Guri, uses ultrasonic transmission technology. Although the isolation is very high, two air-gap computers can talk to each other.
The attack scenario demonstrated by the researchers in the proof-of-concept video involved two gap computers in the same room that infected the malware in some way (using removable media) but could not exchange data between them to complete the attacker. Task.

The attack scenario includes communication between the speaker and the speaker, communication between the speaker and the earphone, and communication between the earphone and the earphone.
The researchers said: “Our results show that communication between the loudspeaker and the loudspeaker can be used to secretly transmit data between two gap computers that are at a distance of up to 9 meters from each other,” the researchers said.
“Also, we show that two (no microphones) headsets can exchange data at a distance of three meters.”
However, using the speaker, the researchers found that the data could be exchanged at a valid bit rate of 10 to 166 bits per second on a gap computer that is 8 meters away.

This is not the first time when Ben-Gurion researchers proposed a covert technology to target a gap computer. Their previous research on hacking computers has included:
The aIR-Jumper attack steals sensitive data from gap computers through an infrared-equipped CCTV camera (for night vision).
Using the RF transmission of the USB connector, USBee can be used to steal data from an air-gap computer.
DiskFiltration can use a sound signal from an air-gap computer’s hard disk drive (HDD) to steal data.
BitWhisper relies on hot swapping between two computers to steal passwords and security keys.
AirHopper converts the computer’s video card into an FM transmitter to capture keystrokes.
Fansmitter technology uses the noise from computer fans to transmit data.
GSMem attacks rely on cellular frequencies.

Read more…

The team of security researchers—who last month demonstrated how attackers could steal data from air-gapped computers protected inside a Faraday cage—are back with its new research showing how two (or more) air-gapped PCs placed in the same room can covertly exchange data via ultrasonic waves. Air-gapped computers are believed to be the most secure setup wherein the systems remain isolated… Engaging post, Read More…

thumbnail courtesy of thehackernews.com

If you like to receive more of these curated safe harbor news alerts then subscribe to my mailing list. and come back soon at https://www.safeharboroncyber.com/Blog/ to read further CyberWisdom Safe Harbor Commentaries. Home » Curated SafeHarboronCyber’s CyberWisdom Post » MOSQUITO Attack Allows Air-Gapped Computers to Covertly Exchange Data