ODINI: Escaping Sensitive Data From Faraday-Caged, Air-Gapped Computers via Magnetic Fields

@article{Guri2020ODINIES,
  title={ODINI: Escaping Sensitive Data From Faraday-Caged, Air-Gapped Computers via Magnetic Fields},
  author={Mordechai Guri and Boris Zadov and Andrey Daidakulov and Yuval Elovici},
  journal={IEEE Transactions on Information Forensics and Security},
  year={2020},
  volume={15},
  pages={1190-1203}
}
Air-gapped computers are devices that are kept isolated from the Internet, because they store and process sensitive information. […] Key method: Arbitrary data can be modulated and transmitted on top of the magnetic emission and received by a magnetic ‘bug’ located nearby. We implement a malware prototype and discuss the design considerations along with the implementation details. We also show that the malicious code does not require special privileges (e.g., root) and can successfully operate from within…
Brightness: Leaking Sensitive Data from Air-Gapped Workstations via Screen Brightness
TLDR
This paper introduces an optical covert channel in which an attacker can leak sensitive information from air-gapped computers through manipulations on the screen brightness, invisible to users.
MAGNETO: Covert Channel between Air-Gapped Systems and Nearby Smartphones via CPU-Generated Magnetic Fields
BitJabber: The World’s Fastest Electromagnetic Covert Channel
TLDR
A new physical covert channel named BitJabber is introduced that is extremely fast and strong enough to even penetrate concrete walls and can enable data exfiltration from an air-gapped computer enclosed in a room with thick concrete walls up to 15 cm.
AiR-ViBeR: Exfiltrating Data from Air-Gapped Computers via Covert Surface ViBrAtIoNs
TLDR
The results show that data can be exfiltrated from an air-gapped computer to a nearby smartphone on the same table, or even an adjacent table, via vibrations, and a set of countermeasures is proposed for this new type of attack.
xLED: Covert Data Exfiltration from Air-Gapped Networks via Switch and Router LEDs
TLDR
It is shown how attackers can covertly leak sensitive data from air-gapped networks via the row of status LEDs on networking equipment such as LAN switches and routers, using different modulation and encoding schemes along with a transmission protocol.
Exfiltrating data from air-gapped computers via ViBrAtIoNs
BeatCoin: Leaking Private Keys from Air-Gapped Cryptocurrency Wallets
  • Mordechai Guri
  • Computer Science
    2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData)
  • 2018
TLDR
This research shows that although cold wallets provide a high degree of isolation, it's not beyond the capability of motivated attackers to compromise such wallets and steal private keys from them.
LCD TEMPEST Air-Gap Attack Reloaded
  • Mordechai Guri, Matan Monitz
  • Computer Science
    2018 IEEE International Conference on the Science of Electrical Engineering in Israel (ICSEE)
  • 2018
TLDR
Through an analysis of the frequency range, effective distance and bandwidth of this covert channel, it is found that malware can covertly leak data from air-gapped computers to a nearby RF receiver via the electromagnetic emission of the LCD.
HOTSPOT: Crossing the Air-Gap Between Isolated PCs and Nearby Smartphones Using Temperature
  • Mordechai Guri
  • Computer Science, Physics
    2019 European Intelligence and Security Informatics Conference (EISIC)
  • 2019
TLDR
The results show that it is possible to send covert signals from air-gapped PCs to the attacker on the Internet through thermal pings, and countermeasures are proposed for this type of covert channel, which has thus far been overlooked.

References

SHOWING 1-10 OF 98 REFERENCES
xLED: Covert Data Exfiltration from Air-Gapped Networks via Router LEDs
TLDR
The experiment shows that sensitive data can be covertly leaked via the status LEDs of switches and routers at bit rates of 10 bit/s to more than 1 Kbit/s per LED.
BitWhisper: Covert Signaling Channel between Air-Gapped Computers Using Thermal Manipulations
TLDR
This paper demonstrates BitWhisper, a method of bridging the air-gap between adjacent compromised computers by using their heat emissions and built-in thermal sensors to create a covert communication channel, which supports bidirectional communication and requires no additional dedicated peripheral hardware.
An optical covert-channel to leak data through an air-gap
TLDR
VisiSploit is introduced, a new type of optical covert channel which, unlike other optical methods, is also stealthy; it is shown that malicious code on a compromised computer can obtain sensitive data and project it onto the computer's LCD screen, invisible and unbeknownst to users.
Platform-agnostic Low-intrusion Optical Data Exfiltration
TLDR
A new approach to data exfiltration is studied in which a malicious storage device subtly transmits data through blinking infrared LEDs; it could be used by an attacker trying to leak sensitive data stored on the device.
GSMem: Data Exfiltration from Air-Gapped Computers over GSM Frequencies
TLDR
GSMem, a malware that can exfiltrate data through an air-gap over cellular frequencies, is presented and its efficacy and feasibility are demonstrated, achieving an effective transmission distance of 1 - 5.5 meters with a standard mobile phone.
AirHopper: Bridging the air-gap between isolated networks and mobile phones using radio frequencies
TLDR
AirHopper is presented, a bifurcated malware that bridges the air-gap between an isolated network and nearby infected mobile phones using FM signals, and it is demonstrated how textual and binary data can be exfiltrated from a physically isolated computer to mobile phones at a distance of 1-7 meters.
Bridging the Air Gap between Isolated Networks and Mobile Phones in a Practical Cyber-Attack
TLDR
This article presents “AirHopper,” a bifurcated malware that bridges the air gap between an isolated network and nearby infected mobile phones using FM signals, and demonstrates how valuable data can be exfiltrated from physically isolated computers to mobile phones at a distance of 1--7 meters, with an effective bandwidth of 13--60 bytes per second.
Compromising emanations: eavesdropping risks of computer displays
TLDR
A proposal for a civilian radio-frequency emission-security standard is outlined, based on path-loss estimates and published data about radio noise levels, and a new optical eavesdropping technique is demonstrated that reads CRT displays at a distance.
Air-Gap Covert Channels
TLDR
It is empirically demonstrated that, using physically unmodified commodity systems, covert acoustic channels can be used to communicate at data rates of hundreds of bits per second without being detected by humans in the environment, and at higher data rates when nobody is around to hear the communication.