Friend
Professional
- Messages
- 2,653
- Reaction score
- 850
- Points
- 113
The silent scream of pixels allows you to bypass any air gaps.
Researchers at Ben-Gurion University in Israel have identified a new way to hack network-isolated computers called PIXHELL. This attack allows attackers to steal sensitive information by exploiting the sound noise created by the pixels of a computer monitor.
The essence of the attack is that special malicious software installed on the target computer generates special pixel patterns, thereby creating clear sound signals that can be transmitted without the use of external audio devices, but barely perceptible to the human ear.
Dr. Mordechai Guri, head of the Offensive Cyber Research Lab, explained that noise is created in the range from 0 to 22 kHz due to vibrations caused by the work of coils and capacitors in the screens. These acoustic signals, as it turned out, can encode and transmit important data.
The peculiarity of the PIXHELL attack is that it does not require any special equipment. Acoustic signals are generated using a standard LCD display, which makes the attack possible on any computer with a monitor of this type. And any computer or laptop with a built-in microphone is suitable for receiving a signal.
In fact, PIXHELL works by using the vibrations of the display components to create sound signals. These vibrations occur when an electric current passes through the coils and capacitors of the screen, causing a noise known as "coil squeaking." Attackers can manipulate pixel patterns on the screen to control the frequency of audio signals and transmit information.
However, the strength and quality of the transmitted data depend on the design of the screen and its internal components. In addition, the attack can be noticeable to the user, since it involves displaying black and white bars, the order of which is constantly changing.
In order to hide the traces, attackers can launch attacks at night or reduce the brightness of pixels to minimum values, which makes the image almost black, but still forces the display to generate the necessary sounds.
Air Gap is an important safety measure used in critical industries to fully protect equipment from external threats. A computer protected by this technology is not connected to the Internet or a local network, but it is still vulnerable to external attacks that can be initiated by "dispatched Cossacks" and other ill-wishers.
According to Dr. Gouri, attackers can use a variety of social engineering techniques to mislead users and gain access to isolated systems. One way could be to infect a USB drive, which is then plugged into the computer by anyone in the company gullible enough to do so.
We have seen similar attacks many times before, and the last one was talked about just a couple of days ago. So, the method, called RAMBO, uses acoustic channels to leak data from devices. And although some of these attacks are very subtle, they can still be detected by an attentive user. To prevent such threats, it is recommended to use acoustic jammers, monitor audio signals, and restrict physical access to computers.
PIXHELL is just one of several studies by Dr. Guri that have explored ways to circumvent protective measures. He has previously investigated the possibility of data leakage through computer fans, hard drives, optical drives, and power supplies.
Source
Researchers at Ben-Gurion University in Israel have identified a new way to hack network-isolated computers called PIXHELL. This attack allows attackers to steal sensitive information by exploiting the sound noise created by the pixels of a computer monitor.
The essence of the attack is that special malicious software installed on the target computer generates special pixel patterns, thereby creating clear sound signals that can be transmitted without the use of external audio devices, but barely perceptible to the human ear.
Dr. Mordechai Guri, head of the Offensive Cyber Research Lab, explained that noise is created in the range from 0 to 22 kHz due to vibrations caused by the work of coils and capacitors in the screens. These acoustic signals, as it turned out, can encode and transmit important data.
The peculiarity of the PIXHELL attack is that it does not require any special equipment. Acoustic signals are generated using a standard LCD display, which makes the attack possible on any computer with a monitor of this type. And any computer or laptop with a built-in microphone is suitable for receiving a signal.
In fact, PIXHELL works by using the vibrations of the display components to create sound signals. These vibrations occur when an electric current passes through the coils and capacitors of the screen, causing a noise known as "coil squeaking." Attackers can manipulate pixel patterns on the screen to control the frequency of audio signals and transmit information.
However, the strength and quality of the transmitted data depend on the design of the screen and its internal components. In addition, the attack can be noticeable to the user, since it involves displaying black and white bars, the order of which is constantly changing.
In order to hide the traces, attackers can launch attacks at night or reduce the brightness of pixels to minimum values, which makes the image almost black, but still forces the display to generate the necessary sounds.
Air Gap is an important safety measure used in critical industries to fully protect equipment from external threats. A computer protected by this technology is not connected to the Internet or a local network, but it is still vulnerable to external attacks that can be initiated by "dispatched Cossacks" and other ill-wishers.
According to Dr. Gouri, attackers can use a variety of social engineering techniques to mislead users and gain access to isolated systems. One way could be to infect a USB drive, which is then plugged into the computer by anyone in the company gullible enough to do so.
We have seen similar attacks many times before, and the last one was talked about just a couple of days ago. So, the method, called RAMBO, uses acoustic channels to leak data from devices. And although some of these attacks are very subtle, they can still be detected by an attentive user. To prevent such threats, it is recommended to use acoustic jammers, monitor audio signals, and restrict physical access to computers.
PIXHELL is just one of several studies by Dr. Guri that have explored ways to circumvent protective measures. He has previously investigated the possibility of data leakage through computer fans, hard drives, optical drives, and power supplies.
Source
