How to leak sensitive data from an isolated computer (air-gap) to a near by mobile phone – AirHopper

 

Security researcher Mordechai Guri with the guidance of Prof. Yuval Elovici from the cyber security labs at Ben-Gurion University in Israel presented at the 9th IEEE International Conference on Malicious and Unwanted Software (MALCON 2014), at Puerto Rico, a breakthrough method (“AirHopper) for leaking data from an isolated computer to a mobile phone without the presence of a network. In highly secure facilities the assumption today is that data can not leak outside of an isolated internal network. It is called air-gap security (full lecture on the topic by Prof. Yuval Elovici is here). The common policy in such secure organizations is to leave your mobile phone in some locker when you enter the facility and then pick it up when you go out. We at the cyber security labs challenged this assumption and found a way to leak data from a computer inside the organization to a remote a mobile phone without using Wifi or Bluetooth. “Such technique can be used potentially by people and organizations with malicious intentions and we want to start a discussion on how to mitigate this newly presented risk.” said Dudu Mimran CTO of the cyber security labs.

The following video demonstrates AirHopper:

The main idea behind the research is to use radio frequencies in order to transmit the secret data from the computer to the mobile phone. Mobile phones usually come equipped with FM radio receivers and it is already known that software can intentionally create radio emissions from a video display unit. Yes, from the computer screen. Still, this is the first time that a mobile phone is considered in an attack model as the intended receiver of maliciously crafted radio signals emitted from the screen of the isolated computer. AirHopper demonstrates how textual and binary data can be exfiltrated from physically a isolated computer to mobile phones at a distance of 1-7 meters, with effective bandwidth of 13-60 Bps (Bytes per second). Enough to steal a secret password.

 

AirHopper: Bridging the Air-Gap between Isolated Networks and Mobile Phones using Radio Frequencies from mordechaiguri

Follow the story on twitter @cyberlabsbgu #airhopper.

The team of cyber security labs @ Ben-Gurion University of the Negev in Israel.