3

I was reading this article from Ars on badBIOS and came across this line which states

the malware, has the ability to use high-frequency transmissions passed between computer speakers and microphones to bridge airgaps.

and wondered if this attack vector was possible ? Not only me , but all other readers were wondering if this had any logical explanation.Can a computer transmit packets via high-frequency sounds broadcast over speakers ?

Canadian Luke
  • 24,199
  • 39
  • 117
  • 171
Ashildr
  • 2,698
  • 5
  • 26
  • 45
  • Very interesting read, I was wondering too what the implications for mobile devices is? They have embedded firmware, speakers and a microphone (or two) so they would be a perfect vector to get into server rooms, more private business areas etc. Then I read that the UK Government has banned phones and tablets from sensitive meetings (http://www.telegraph.co.uk/news/politics/10423514/iPads-banned-from-Cabinet-meetings-over-surveillance-fears.html) - I know these aren't currently linked, but did get me thinking. – sgtbeano Nov 04 '13 at 15:39
  • @Ash - The simply answer to this question is we don't actually know. We don't even know if it actually IS jumping airgaps. Furthermore one single security person has come forward other then the information from that person very little is known by this piece of software. – Ramhound Nov 04 '13 at 15:52
  • @Ramhound & Ash The researcher that came up with this is being less then forthcoming with evidence. At this time we basically have to take his word for it. – Tonny Nov 04 '13 at 15:55
  • 1
    @Tonny - Which is my entire point. The researcher ( for all we know ) could have made everything up. This question really should be moved to `http://security.stackexchange.com/` anyways. – Ramhound Nov 04 '13 at 15:57
  • The question is on topic here, and I would let it stay. – slhck Nov 04 '13 at 16:00
  • @Ramhound I had not thought about moving it but that is a good idea. (I usually don't hangout on that site :-) I flagged it for a moderator. – Tonny Nov 04 '13 at 16:02
  • @slhc - I personally only flagged it because this typical peice of software ( if it exists ) might lead to a bunch of theory mongering since we don't actually know very much about it. – Ramhound Nov 04 '13 at 16:04
  • 1
    @Ramhound this question [was already asked there](http://security.stackexchange.com/questions/44840/transmitting-malicious-code-over-audio-speakers). – Scott Chamberlain Nov 04 '13 at 16:05
  • makes me think of the DOJs worry that Kevin Mitnick could whistle into an analog telephone and launch nuclear missiles. – Frank Thomas Nov 04 '13 at 17:03

4 Answers4

1

Can a computer transmit packets via high-frequency sounds broadcast over speakers ?

In theory yes, it's the same as transmitting over analogue phone lines. Packets of data could be encoded as pulses and tones to be broadcast over speakers. As most speakers can generate high frequency noises which are beyond the range humans can hear, I see no reason why this couldn't happen.

and wondered if this attack vector was possible ?

The concept of receiving the packets is slightly more complex in that it couldn't be the initial vector. As indicated in the article, the initial infection was likely due to an infected firmware in a USB storage device.

I would theorize that the virus isn't transmitted via sounds initially, but is using audio as a method of command & control in environments where networking is either not available or severely restricted due to security measures.

sgtbeano
  • 571
  • 3
  • 13
1

As a sole means of attack vector it is BOGUS. In order for the victim to receive the attack it must be listening to the audio broadcast of the other machine first. And it must be able to decode that broadcast.

That implies that the victim computer is ALREADY infected by something which installed the listening software.

As a means of communication between 2 infected computers it is by all means plausible.
It is not even new.
What do you think those old acoustic modems where doing back in the 80's ? Or fax-machines ? Communicate by sound !

Tonny
  • 29,601
  • 7
  • 52
  • 84
  • @sgtbeano We posted in parallel but seem to have exactly the same opinion on this one. – Tonny Nov 04 '13 at 15:53
  • If you read the article the virus was spread via USB not microphone, it was then using the microphone to keep the communication channel open across the airgap. – Scott Chamberlain Nov 04 '13 at 16:06
1

Can a computer transmit packets via high-frequency sounds broadcast over speakers ?

Sure. If a mic can pick up the sound and a speaker transmit the sound, it's possible. There's many, many methods of transmitting data via sound. Fast methods are complicated and require optimum conditions, but very slow methods such as PSK used in 300 baud modems are more robust.

Most PC's can create sounds 20-20KHz and beyond. I don't know the maximum frequency of the standard PC speaker but it can go pretty high. Most people can't hear very well above 15KHz ... but I'd be surprised if your average PC mic picks up frequencies outside the normal vocal range (4KHz) very well.

Of course, no OS has this capability built in. There is no program in any standard OS that accepts data over modulated high-frequency sounds received by speakers ... except possibly things like Dolby/DTS decoders for audio. Maybe, just maybe there's an exploit there waiting to happen.

So while malware (or any other program) could communicate with another system using this technique, it's really unlikely that it could spread using this technique. I don't think consumer grade laptop mics are capable of it anyway.

LawrenceC
  • 73,030
  • 15
  • 129
  • 214
  • true, there has been nothing this sophisticated before (if it is indeed real now). I have seen exploits for systems with voice recognition however. there was one that bypasses UAC by saying 'yes' at the right time. – Frank Thomas Nov 04 '13 at 17:05
0

Of course its technically possible. In order for a computer to communicate, it simply needs to transmit 1s and 0s, which can be done via sound. As for high frequency sounds, I know my iPhone can make a sound that annoys my cats, but I cant hear it, I assume my PC speakers are just as capable.

Keltari
  • 71,875
  • 26
  • 179
  • 229