Information security researchers at the Karlsruhe Institute of Technology (KIT) have shown the vulnerability of computers to hacking through conventional indicator LEDs on office equipment. It turned out that laser transceivers are capable not only of reading information from a PC using indicator LEDs, but also writing malicious code into the memory of computers.
Image source: Andrea Fabry, KIT
A common indicator LED, for example, on a printer connected to a computer, turned out to be a kind of gateway to data on a PC. Moreover, it should be emphasized that this is both an input and an output, since LEDs are capable of not only emitting, but also serving as photodiodes for intense light sources. In an experiment with a PC and a printer, the researchers showed that using only one laser at a distance of 25 meters, without physical or other access to the computer system, data can be retrieved at speeds up to 100 Kbps and downloaded at speeds up to 18.2 Kbps.
Previously, numerous vulnerabilities of isolated computing systems were shown, which were exploited in a contactless way through the vibrations of a fan , hard drive, HDD LED, and a number of others. However, in all these cases, data, as a rule, were only read and then at very low speeds. German scientists have shown that ordinary LEDs can multiply the speed of secret optical data reading and, moreover, allow the reverse process of writing information to the PC memory.
Image source: KASTEL / KIT
To prevent detected threats, a special website has been created , where you can get acquainted with the details of the hacking technology, including code fragments. The research project is called LaserShark. A preprint of the research article is also available . The report on the discovered vulnerability was made at the 37th Annual Computer Security Application Conference (ACSAC).
0 Comments:
Post a Comment
Your comment and facebook share will be appreciated