Carding
Professional
- Messages
- 2,870
- Reaction score
- 2,488
- Points
- 113
Довольно интересная тема, хоть и далекая от СИ и кардинга. Сегодня мы поговорим о краже данных, но не посредством взлома или проникновения в сеть организации, а с помощью "скрытых" каналов связи.
Перейдем ближе к новости: Исследователи из Израильского университета выяснили, что оперативную память можно превратить в карту WiFi что позволяет красть данные по воздуху со скоростью 100 b/s.
• Как работает AIR-FI, ты можешь ознакомиться по ссылке:
https://www.zdnet.com/article/acade...-cards-to-steal-data-from-air-gapped-systems/
Так же, AIR-FI можно добавить в список скрытых каналов кражи данных:
• LED-it-Go (https://cyber.bgu.ac.il/advanced-cyber/system/files/LED-it-GO_0.pdf) - exfiltrate data from air-gapped systems via an HDD's activity LED;
• USBee (https://arxiv.org/abs/1608.08397) - force a USB connector's data bus give out electromagnetic emissions that can be used to exfiltrate data;
• AirHopper (https://arxiv.org/abs/1411.0237) - use the local GPU card to emit electromagnetic signals to a nearby mobile phone, also used to steal data;
• Fansmitter (https://arxiv.org/abs/1606.05915) - steal data from air-gapped PCs using sounds emanated by a computer's GPU fan;
• DiskFiltration (https://arxiv.org/abs/1608.03431) - use controlled read/write HDD operations to steal data via sound waves;
• BitWhisper (https://arxiv.org/abs/1608.03431) - exfiltrate data from non-networked computers using heat emanations;
• Unnamed attack (https://arxiv.org/abs/1703.07751) - uses flatbed scanners to relay commands to malware infested PCs or to exfiltrate data from compromised systems;
• GSMem (https://www.usenix.org/node/190937) - steal data from air-gapped systems using GSM cellular frequencies;
• xLED (https://arxiv.org/abs/1706.01140) - use router or switch LEDs to exfiltrate data;
• aIR-Jumper (https://arxiv.org/abs/1709.05742) - use a security camera's infrared capabilities to steal data from air-gapped networks;
• HVACKer (https://arxiv.org/abs/1703.10454) - use HVAC systems to control malware on air-gapped systems;
• MAGNETO (https://arxiv.org/abs/1802.02317) & ODINI (https://arxiv.org/abs/1802.02700) - steal data from Faraday cage-protected systems;
• MOSQUITO (https://arxiv.org/abs/1803.03422) - steal data from PCs using attached speakers and headphones;
• PowerHammer (https://arxiv.org/abs/1804.04014) - steal data from air-gapped systems using power lines;
• CTRL-ALT-LED (https://ieeexplore.ieee.org/document/8754078) - steal data from air-gapped systems using keyboard LEDs;
• BRIGHTNESS (https://arxiv.org/pdf/2002.01078.pdf) - steal data from air-gapped systems using screen brightness variations;
• AiR-ViBeR (https://arxiv.org/abs/2004.06195v1) - steal data using a computer's fan vibrations;
• POWER-SUPPLaY (https://arxiv.org/abs/2005.00395) - steal data by turning the power supply into a speaker;
Перейдем ближе к новости: Исследователи из Израильского университета выяснили, что оперативную память можно превратить в карту WiFi что позволяет красть данные по воздуху со скоростью 100 b/s.
• Как работает AIR-FI, ты можешь ознакомиться по ссылке:
https://www.zdnet.com/article/acade...-cards-to-steal-data-from-air-gapped-systems/
Так же, AIR-FI можно добавить в список скрытых каналов кражи данных:
• LED-it-Go (https://cyber.bgu.ac.il/advanced-cyber/system/files/LED-it-GO_0.pdf) - exfiltrate data from air-gapped systems via an HDD's activity LED;
• USBee (https://arxiv.org/abs/1608.08397) - force a USB connector's data bus give out electromagnetic emissions that can be used to exfiltrate data;
• AirHopper (https://arxiv.org/abs/1411.0237) - use the local GPU card to emit electromagnetic signals to a nearby mobile phone, also used to steal data;
• Fansmitter (https://arxiv.org/abs/1606.05915) - steal data from air-gapped PCs using sounds emanated by a computer's GPU fan;
• DiskFiltration (https://arxiv.org/abs/1608.03431) - use controlled read/write HDD operations to steal data via sound waves;
• BitWhisper (https://arxiv.org/abs/1608.03431) - exfiltrate data from non-networked computers using heat emanations;
• Unnamed attack (https://arxiv.org/abs/1703.07751) - uses flatbed scanners to relay commands to malware infested PCs or to exfiltrate data from compromised systems;
• GSMem (https://www.usenix.org/node/190937) - steal data from air-gapped systems using GSM cellular frequencies;
• xLED (https://arxiv.org/abs/1706.01140) - use router or switch LEDs to exfiltrate data;
• aIR-Jumper (https://arxiv.org/abs/1709.05742) - use a security camera's infrared capabilities to steal data from air-gapped networks;
• HVACKer (https://arxiv.org/abs/1703.10454) - use HVAC systems to control malware on air-gapped systems;
• MAGNETO (https://arxiv.org/abs/1802.02317) & ODINI (https://arxiv.org/abs/1802.02700) - steal data from Faraday cage-protected systems;
• MOSQUITO (https://arxiv.org/abs/1803.03422) - steal data from PCs using attached speakers and headphones;
• PowerHammer (https://arxiv.org/abs/1804.04014) - steal data from air-gapped systems using power lines;
• CTRL-ALT-LED (https://ieeexplore.ieee.org/document/8754078) - steal data from air-gapped systems using keyboard LEDs;
• BRIGHTNESS (https://arxiv.org/pdf/2002.01078.pdf) - steal data from air-gapped systems using screen brightness variations;
• AiR-ViBeR (https://arxiv.org/abs/2004.06195v1) - steal data using a computer's fan vibrations;
• POWER-SUPPLaY (https://arxiv.org/abs/2005.00395) - steal data by turning the power supply into a speaker;
