To steal data from an air-gapped PC (one that is not physically connected to a network), hackers need physical access to the computer or need to trick a user into installing malware. Malware can be installed on an air-gapped computer to steal data, but getting the data out is harder. New research shared by The Hacker News suggests that may no longer hold: it claims hackers can exfiltrate sensitive data from a PC by changing the brightness of the screen. This hack allegedly works on air-gapped computers.
The hack is said to play an important role in stealing sensitive data from an infected but air-gapped computer. Details of the process come from Mordechai Guri, head of the cybersecurity research center at Ben Gurion University in Israel. Guri devised a new covert optical channel that allows the theft of data from air-gapped computers without needing network connectivity or physical contact with the devices.
Guri notes that the covert channel is invisible and works even while a user is working on the computer. Malware on the compromised computer can obtain sensitive data of any sort and modulate it onto the screen brightness in a way that is invisible to users. The idea is that the malware encodes the stolen information as a stream of bytes and then modulates it as a signal of 1s and 0s.
The attacker uses small changes in LCD brightness that are invisible to the naked eye to covertly modulate binary information in Morse code-like patterns. With LCD screens, each pixel is a combination of RGB colors to produce the required compound color. With the modulation the researcher proposes, the RGB color component of each pixel is slightly changed.
The hacker can collect the data stream using video recording of the compromised computer display taken by a smartphone camera, a surveillance camera, or webcam. Image processing techniques can then be used to reconstruct the information.
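From the monitoring side, the same property that makes the channel readable by a camera also makes it detectable: averaged over a frame, the brightness sits at two tightly separated levels instead of one. The following is an added example, not code from the article or from Guri's research; the function names, thresholds, and brightness values are assumptions, and it assumes the per-frame mean brightness of a screen showing static content has already been extracted from video.

```python
import math
import random
import statistics

def two_level_score(samples, iterations=20):
    """Return (gap / pooled std dev, minority fraction) after 1-D 2-means."""
    lo, hi = min(samples), max(samples)
    if lo == hi:                       # perfectly flat signal
        return 0.0, 0.0
    for _ in range(iterations):        # refine the two cluster centres
        cut = (lo + hi) / 2
        low = [s for s in samples if s <= cut]
        high = [s for s in samples if s > cut]
        lo, hi = statistics.fmean(low), statistics.fmean(high)
    spread = sum((s - lo) ** 2 for s in low) + sum((s - hi) ** 2 for s in high)
    pooled = math.sqrt(spread / len(samples))
    minority = min(len(low), len(high)) / len(samples)
    score = math.inf if pooled == 0 else (hi - lo) / pooled
    return score, minority

def looks_modulated(samples, min_score=5.0, min_minority=0.1):
    """Flag a trace whose brightness forms two well-separated levels.

    Pure sensor noise split in two scores about 2.7, so 5.0 (an assumed
    threshold) leaves margin. min_minority ignores a few outlier frames.
    """
    score, minority = two_level_score(samples)
    return score >= min_score and minority >= min_minority

def constructed_trace(modulated, seed=1, bits=60, frames_per_bit=10):
    """Constructed sample data: mean brightness per frame on a 0-255 scale.

    Baseline 128 with small camera noise; when modulated, some bit periods
    are raised by 0.6 levels (well under 1 percent, an assumed amplitude).
    """
    rng = random.Random(seed)
    trace = []
    for _ in range(bits):
        level = 128.0 + (0.6 if modulated and rng.random() < 0.5 else 0.0)
        trace += [level + rng.gauss(0, 0.05) for _ in range(frames_per_bit)]
    return trace

if __name__ == "__main__":
    for label, flag in (("modulated", True), ("clean", False)):
        score, minority = two_level_score(constructed_trace(flag))
        print(f"{label}: score={score:.1f} minority={minority:.2f}")
```

On real footage, changing screen content and camera auto-exposure also move the mean brightness, so a check like this only applies to periods where the displayed image is static.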
In other hacking news, Visa warned in December that hackers are targeting gas station POS systems to steal credit card details.