It may sound creepy and unreal, but hackers can also exfiltrate sensitive data from your computer by simply changing the brightness of the screen, new cybersecurity research shared with The Hacker News revealed.
In recent years, several cybersecurity researchers demonstrated innovative ways to covertly exfiltrate data from a physically isolated air-gapped computer that can’t connect wirelessly or physically with other computers or network devices.
These clever ideas rely on exploiting little-noticed emissions of a computer’s components, such as light, sound, heat, radio frequencies, or ultrasonic waves, and even using the current fluctuations in the power lines.
For instance, potential attackers could sabotage supply chains to infect an air-gapped computer, but they can’t always count on an insider to unknowingly carry a USB with the data back out of a targeted facility.
When it comes to high-value targets, these unusual techniques, which may sound theoretical and useless to many, could play an important role in exfiltrating sensitive data from an infected but air-gapped computer.
How Does the Brightness Air-Gapped Attack Work?
In his latest research with fellow academics, Mordechai Guri, the head of the cybersecurity research center at Israel’s Ben Gurion University, devised a new covert optical channel using which attackers can steal data from air-gapped computers without requiring network connectivity or physically contacting the devices.
“This covert channel is invisible, and it works even while the user is working on the computer. Malware on a compromised computer can obtain sensitive data (e.g., files, images, encryption keys, and passwords), and modulate it within the screen brightness, invisible to users,” the researchers said.
The fundamental idea behind encoding and decoding of data is similar to the previous cases, i.e., malware encodes the collected information as a stream of bytes and then modulate it as ‘1’ and ‘0’ signal.
images from Hacker News