Posts
Eric Filiol, head scientist at the French Signals Academy's Virology and Cryptology Lab, recently reported that hackers could steal data from computers at the lab without disrupting its network.
At the Black Hat conference in Las Vegas, Filiol demonstrated how the attack, nicknamed “Windows Jingle Attack, works. The attack utilizes audio data to steal passwords and intrude into the system, InformationWeek reported. The hacker first encodes a user password into audio data and conceal that data into the Windows startup tone, a publicly audible sound that can be read from afar with a local or remote microphone and then decoded.
Windows Jingle Attack builds on a research conducted by National Security Agency (News - Alert) (NSA) into the signals that emanate from electronic devices and how to prevent the interception of those signals. It does require malware with audio processing code to encode the information to be stolen.
“The malware needs to be able to replace the Windows start-up tone,” Filiol was quoted as saying in the InformationWeek report. “And the person receiving the information needs some means to pick up the startup tone, a microphone that works over long distances or hidden locally, and software to decode the transmitted information.”
Most likely, Windows Jingle Attack is not easily executable like the other attacks. However, dangerous scenarios could arise from the attacker’s ability to steal data from a computer without a network connection.
Instances of similar attacks were reported in the past, InformationWeek said. In 1987, the NSA found that KGB, the intelligence and internal security agency of the former Soviet Union, had replaced the circuit boards and power cords in the U.S. Embassy in Moscow in order to covertly siphon message data.
According to Filiol in the report, “an isolated computer is quite never really disconnected from the outside.”
The “Jingle” technique could also be used to create other covert channels of communication. For example, Filiol said, data could be encoded visually on-screen, using hard disk read/write noise, or computer fans.
Filiol demonstrated the Windows Jingle Attack technique using an actual altered Windows startup tone and showed impressive results. He demonstrated a startup tone where the encoded data could be heard and then he demonstrated an optimized version where the presence of hidden data was undetectable to the human ear.
Filiol said he would post a hidden message in his presentation in the Black Hat archives and announced a token prize to the first person to decipher the message. The presentation should be available in two weeks, said Filiol.
No comments:
Post a Comment