The technique leverage connected speakers (passive speakers, headphones, or earphones) to acquire the sound from surrounding environment by exploiting a specific audio chip feature.
The MOSQUITO technique establishes a covert ultrasonic transmission between two air-gapped computers using speaker-to-speaker communication.
“In this paper, we show how two (or more) airgapped computers in the same room, equipped with passive speakers, headphones, or earphones can covertly exchange data
via ultrasonic waves.” reads the research paper.
“Microphones are not required. Our method is based on the capability of a malware to exploit a specific audio chip feature in order to reverse the connected speakers from output devices into input devices.”
The experts rely on the way speakers/headphones/earphones respond to the near-ultrasonic range (18kHz to 24kHz) to exploit the hardware that can be reversed to perform as microphones.
The Israeli team tested the MOSQUITO technique with different equipment at
various distances and transmission speeds.
The technique is stealth, two computers exchange data via audible sounds using speakers and headphones making impossible to discover it.
The experts shared two video proof-of-concept videos that show two air-gap computers in the environment that were infected with a malicious code developed by the experts.
“Our results show that the speaker-to speaker communication can be used to covertly transmit data between two air-gapped computers positioned a maximum of nine meters away from one another.” continues the paper. “Moreover, we show that two (microphone-less) headphones can exchange data from a distance of three meters apart. This enables ’headphones-to-headphones’ covert communication,”
Researchers were able to exchange data over an air-gap computer from a distance of eight meters away with an effective bit rate of 10 to 166 bit per second.
Further info on the technique is included in the research paper,
Past research conducted by Ben-Gurion researchers related to the hack of air-gapped networks are:
[adrotate banner=”9″] | [adrotate banner=”12″] |
(Security Affairs – MOSQUITO technique, air-gapped network)
[adrotate banner=”5″]
[adrotate banner=”13″]