Your PC chassis fans can be used as vulnerability now
by Hilbert Hagedoorn on: 04/23/2020 10:35 AM | source: Для просмотра ссылки Войдиили Зарегистрируйся | Для просмотра ссылки Войди или Зарегистрируйся
Myself question: Would be possible, really? That's crazy man!!!
We have a news item that will blow you away We've seen vulnerabilities in many forms and ways over the years, here's a new one. A researcher at Ben Gurion University in Israel, Mordechai Guri, learns us that fans (vibrations) in your PC are also prone to abuse, it's complicated though.
Guri (not Guru) calls his proof of concept 'AiR-ViBeR', and uses the vibrations that the fans produce. I swear this was not published oN Aprils fools day earlier in the month. Malware is required to be installed on the system with the fans, a second malware program then needs be installed on your smartphone. The malware on the PC will collect data, and transmit this as a signal to the accelerometer in the phone by means of the vibrations of the fan. As explained by Tom's hardware:
The data rate isn't the only factor holding back the success of this attack method. An attacker would still need to get the malware installed on the PC to be able to send the signals. They'd also need access to your mobile phone to read out the accelerometer; however, this is achievable without any permissions, as many mobile phones give free access to the accelerometer's data through the browser.
He wrote a paper on this, Для просмотра ссылки Войдиили Зарегистрируйся
Для просмотра ссылки Войдиили Зарегистрируйся Для просмотра ссылки Войди или Зарегистрируйся
by Hilbert Hagedoorn on: 04/23/2020 10:35 AM | source: Для просмотра ссылки Войди
Myself question: Would be possible, really? That's crazy man!!!
We have a news item that will blow you away We've seen vulnerabilities in many forms and ways over the years, here's a new one. A researcher at Ben Gurion University in Israel, Mordechai Guri, learns us that fans (vibrations) in your PC are also prone to abuse, it's complicated though.
Guri (not Guru) calls his proof of concept 'AiR-ViBeR', and uses the vibrations that the fans produce. I swear this was not published oN Aprils fools day earlier in the month. Malware is required to be installed on the system with the fans, a second malware program then needs be installed on your smartphone. The malware on the PC will collect data, and transmit this as a signal to the accelerometer in the phone by means of the vibrations of the fan. As explained by Tom's hardware:
- This cyberattack is painstakingly inefficient and we cannot see it happening in a real-life scenario. The data rate was slow -- we're talking about single words being transferred. Unless the attackers are extremely desperate and have no other viable way of accessing your data, we wouldn't worry about this attack.
The data rate isn't the only factor holding back the success of this attack method. An attacker would still need to get the malware installed on the PC to be able to send the signals. They'd also need access to your mobile phone to read out the accelerometer; however, this is achievable without any permissions, as many mobile phones give free access to the accelerometer's data through the browser.
He wrote a paper on this, Для просмотра ссылки Войди
Для просмотра ссылки Войди