To #badBIOS and Beyond: Covert Acoustic Mesh Networks in Air

Cryptome (support their Kickstarter! [1]) dug up a neat paper from researchers at the Fraunhofer Institute FKIE in Germany.

Repurposing some stuff meant for communications underwater, these guys took the #badBIOS acoustic-side-channel idea and went a step further… creating full-on mesh networks, which can automatically exfiltrate e.g. keystroke logs over MULTIPLE HOPS worth of machines.

In other words, if there’s a computer in the hall, it can relay traffic from the air-gapped machine in one office to the networked machines in the other office, and from there to the ‘net.

The researchers talk about various solutions, though I’m somewhat skeptical a host-based IDS is a good way to go in this situation… after all, the host is already pwned! On the other hand, a dedicated ultrasonic-communications-detection IDS on an unconnected host in the room could work quite well.
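One way a standalone monitor in the room could flag a sustained narrowband carrier in the near-ultrasonic range, as an added example that is not from the post or the paper. The 48 kHz capture rate, the 18 to 23 kHz band, the thresholds and the `synth` test-audio helper are assumptions chosen for illustration.

```python
import math
import random
import statistics

RATE = 48000            # assumed capture rate (Hz)
BAND = (18000, 23000)   # assumed near-ultrasonic band to watch (Hz)
WINDOW = 256            # samples per analysis window (~5 ms, 187.5 Hz bins)
STEP_HZ = 150           # probe spacing, kept below the bin width
PEAK_RATIO = 40.0       # assumed threshold: peak probe vs. median probe
MIN_RUN = 8             # consecutive hot windows required before alerting

def goertzel_power(samples, freq, rate=RATE):
    """Squared spectral magnitude at one frequency (Goertzel recurrence)."""
    coeff = 2.0 * math.cos(2.0 * math.pi * freq / rate)
    s1 = s2 = 0.0
    for x in samples:
        s1, s2 = x + coeff * s1 - s2, s1
    return s1 * s1 + s2 * s2 - coeff * s1 * s2

def window_is_hot(samples):
    """True if one probe in BAND towers over the band's median power."""
    probes = range(BAND[0], BAND[1] + 1, STEP_HZ)
    powers = [goertzel_power(samples, f) for f in probes]
    floor = statistics.median(powers) or 1e-12   # guard against pure silence
    return max(powers) / floor >= PEAK_RATIO

def detect_carrier(samples):
    """Return start times (seconds) of runs of at least MIN_RUN hot windows.

    Requiring a run filters out clicks and other short broadband transients.
    """
    alerts, run = [], 0
    for i in range(0, len(samples) - WINDOW + 1, WINDOW):
        run = run + 1 if window_is_hot(samples[i:i + WINDOW]) else 0
        if run == MIN_RUN:   # alert once per run, at the moment it qualifies
            alerts.append((i - (MIN_RUN - 1) * WINDOW) / RATE)
    return alerts

def synth(seconds, tone_hz=None, tone_amp=0.0, seed=1):
    """Constructed test audio: white room noise plus an optional pure tone."""
    rng = random.Random(seed)
    out = []
    for t in range(int(seconds * RATE)):
        x = rng.gauss(0.0, 0.05)
        if tone_hz:
            x += tone_amp * math.sin(2.0 * math.pi * tone_hz * t / RATE)
        out.append(x)
    return out
```

Feed `detect_carrier` mono float samples from a microphone that actually responds above 18 kHz; the ratio threshold and run length need tuning against the room's own background.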

One gem — their citation in the ‘related work’ section, talking about manipulating keyboard LEDs in software to send out optical signals. Clever…

