Article - Hacking using inaudible sound(speaker/mic)

me3000 · 12-05-2013, 01:29 AM

I came across a pretty cool article about some major out of the box hacking...

Experimental malware uses inaudible sound to defeat network air gaps:
http://www.networkworld.com/news/2013/12...2013-12-04

Now if anyone can post this software with a tutorial just for a very cool lab experiment to test out, I would love to see it!!!

w00t · 12-05-2013, 07:31 AM

For this to work, you would need to have control of two computers in close physical proximity to each other, one being airgapped and one not. This never happens in any serious application of airgapping. The government standard for airgapping is to have an entire room shielded from any kind of incoming transmission.

Satan · 12-11-2013, 05:27 PM

My question is whether or not this would have actual practical application. Would it actually work on a wide range of computers?
I can't imagine a computer automatically changing audio sounds into data transfer without having some sort of program that assists it.
Sorry if this is an obvious question, I've never heard of something like this before.

w00t · 12-12-2013, 04:32 AM

That's the idea, you infect both the "airgapped" computer and a nearby non-airgapped computer, then have them communicate via sound.

Satan · 12-12-2013, 04:56 AM

(12-12-2013, 04:32 AM)w00t Wrote: That's the idea, you infect both the "airgapped" computer and a nearby non-airgapped computer, then have them communicate via sound.

Oh, so it could be useful if a computer goes onto a closed network, or if it goes offline, yes?
Provided you're within range.

me3000 · 01-01-2014, 07:33 AM

(12-12-2013, 04:56 AM)Satan Wrote: Oh, so it could be useful if a computer goes onto a closed network, or if it goes offline, yes?
Provided you're within range.

Imagine a cash register at a computer store, lets say Best Buy for example... I have seen BB have a cashiers terminal in their PC department before. So now an employee could infect both computers, allowing the cashiers computer to say interact with another PC in store that is on display and most likely much less secured(or even hide your own device in store). Then they can then communicate and the cashiers computer can receive simple commands...

You could have very simple commands that don't require much bandwidth. Extracting large amounts of data may be difficult especially with sound interference's much like how wifi can go to shit quickly with lots of other wifi traffic. It more less is just another possibility, probably not the best method in most cases, but an interesting possibility.