Researchersfrom the Ben-Gurion University of the Negev in Israel demonstrated a proof-of-concept attack they named “Mosquito,” which can exfiltrate data from online and air-gapped computers using speakers and headphones.
Their research, titled “Mosquito: Covert Ultrasonic Transmissions between Two Air-Gapped Computers using Speaker-to-Speaker Communication,” details an attack method that can covertly transmit and receive data by employing “jack retasking.” The technique switches the output audio jack to input jack, which then converts the speakers into microphones. This is a feature in modern audio chipsets that can actually be enabled through software. A specially crafted malware can exploit this and alter a speaker or headphone to act as a microphone. Data exfiltration is carried out between machines (at a distance of up tonine meters) through ultrasonic sound waves.
The researchers, Mordechai Guri, Yosef Solwicz, Andrey Daidakulov, and Yuval Elovici, also developed other data exfiltration techniques against air-gapped systems, including:
Odini: uses low-frequency magnetic signals generated by the CPU cores
Magneto: employs magnetic signals for data in air-gapped systems to leak to nearby smartphones
LED-it-Go: uses the light-emitting diodes (LED) to exfiltrate data from air-gapped networks
aIR-Jumper: uses infrared LED and security cameras to remotely communicate with air-gapped networks
BitWhisper: draws on temperature changes in the CPU/GPU of computers to enable adjacent air-gapped systems to communicate
The researchers explained that microphones were not required for Mosquito. They added that their method was "based on the capability of a malware to exploit a specific audio chip feature in order to reverse the connected speakers from output devices into input devices."
Video: How internet-connected speakers can leak information
about their owners to a potential attacker
While only experimental at this point, Mosquito demonstrates that no platform or device is impervious to security risks. This rings particularly true for internet-of-things (IoT) devices. While the technologies that power them may provide convenience, they can also come with vulnerabilities or system weaknesses that can leak personal or corporate data or further expose the network to threats.
The Trend Micro Forward-Looking Threat Research (FTR) Team’s Stephen Hilt delved into thesecurity of IoT speakersand found that two popular brands of speaker systems were susceptible to exposing user data along with other information that could be used in an attack. The security gaps also included an open port that could allow online access to the device and its user information. Running these devices in workplace environments could compound the risks and challenges.