A novel way that hackers could steal sensitive data from a highly secured computer: by tapping into the vibrations from a cooling system fan discovered by Israeli Researchers.
According to researchers data encoded by hackers into fan vibrations could be transmitted to a smartphone placed in the vicinity of the targeted computer.Computers vibrate at a frequency correlated to the rotation speed of their internal fans. Malware can control computer vibrations by manipulating internal fan speeds.
The covertly transmitted vibrations can be picked up by a smartphone resting on the same surface as the computer.
Since accelerometer sensors in smartphones are unsecured, they can be accessed by any app without requiring user permissions, which make this attack highly evasive.
Experts demonstrated the process, named AiR-ViBeR, with an air-gapped computer setup. Air-gapped computer systems are isolated from unsecured networks and the internet as a security measure.
The malware in question doesn’t exfiltrate data by cracking encryption standards or breaking through a network firewall; instead, it encodes data in vibrations and transmits it to the accelerometer of a smartphone,
AiR-ViBer relied on vibration variances sensed by an accelerometer capable of detecting motion with a resolution of 0.0023956299 meters per square second. There are other means of capturing data through side channels. They include electromagnetic, magnetic, acoustic, optical and thermal.
