Air-ViBeR Attack Targets Air-Gapped Systems Using PC Vibrations crdclubsu, autovolhovru
Researchers have found another attack strategy targeting air-gapped systems. Dubbed as Air-ViBeR attack, this technique makes use of PC vibrations to steal data.
Researchers from the Ben-Gurion University of the Negev, Israel, have devised another attack method targeting air-gapped systems. This strategy, termed as Air-ViBeR attack, leverages PC vibrations due to the fans to steal information.
Briefly, they set up a malware dubbed ‘Air-ViBeR’ that can control the speed of a PC’s internal fans. They could then sense these malware-generated vibrations via smartphone’s accelerometers. Being a device sensor, any app can access the accelerometer without user permissions. Hence, an adversary can record all the vibrations via a malicious app installed on a smartphone placed on the same surface as that of the target air-gapped system. Consequently, this will allow the attacker to exfiltrate sensitive data from the target systems.
In a real-world scenario, an attacker merely has to infect the smartphone of an individual who would deal with the target sir-gapped system. Without being present to the proximity of the device, the attacker can steal the information.
Details about Air-ViBeR are available in the researchers’ white paper . See the following video how the attack would take place on an air-gapped system.
Although, this innovative attack method bears great potential to attack a target system successfully. The biggest limitation of this attack is its speed. According to researchers,
in a typical workplace scenario… data can be exfiltrated at a speed of half a bit per second via the covert vibrations.
This makes the attack presently unfeasible for an adversary unless the attacker is patient enough to wait for the information. This is even slower than the BRIGHTNESS attack which demonstrated a data transfer rate of 5-10 bps.
The researchers have also suggested some other countermeasures with their flaws (listed in the below table).