• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Home
  • About Us
  • Contact Us

iHash

News and How to's

  • Apple iPad 2 16GB – Space Gray (Refurbished: Wi-Fi Only) for $156

    Apple iPad 2 16GB – Space Gray (Refurbished: Wi-Fi Only) for $156
  • BasketPong Giant Yard Pong Basketball Game for $150

    BasketPong Giant Yard Pong Basketball Game for $150
  • Night Eye Pro: Lifetime Subscription for $19

    Night Eye Pro: Lifetime Subscription for $19
  • The Essential At Home Baking Masterclass Bundle for $19

    The Essential At Home Baking Masterclass Bundle for $19
  • The Microsoft Azure Fundamentals, Administration & Security Certification Bundle for $49

    The Microsoft Azure Fundamentals, Administration & Security Certification Bundle for $49
  • News
    • Rumor
    • Design
    • Concept
    • WWDC
    • Security
    • BigData
  • Apps
    • Free Apps
    • OS X
    • iOS
    • iTunes
      • Music
      • Movie
      • Books
  • How to
    • OS X
      • OS X Mavericks
      • OS X Yosemite
      • Where Download OS X 10.9 Mavericks
    • iOS
      • iOS 7
      • iOS 8
      • iPhone Firmware
      • iPad Firmware
      • iPod touch
      • AppleTV Firmware
      • Where Download iOS 7 Beta
      • Jailbreak News
      • iOS 8 Beta/GM Download Links (mega links) and How to Upgrade
      • iPhone Recovery Mode
      • iPhone DFU Mode
      • How to Upgrade iOS 6 to iOS 7
      • How To Downgrade From iOS 7 Beta to iOS 6
    • Other
      • Disable Apple Remote Control
      • Pair Apple Remote Control
      • Unpair Apple Remote Control
  • Special Offers
  • Contact us

Creating Wireless Signals with Ethernet Cable to Steal Data from Air-Gapped Systems

Oct 4, 2021 by iHash Leave a Comment

A newly discovered data exfiltration mechanism employs Ethernet cables as a “transmitting antenna” to stealthily siphon highly-sensitive data from air-gapped systems, according to the latest research.

“It’s interesting that the wires that came to protect the air-gap become the vulnerability of the air gap in this attack,” Dr. Mordechai Guri, the head of R&D in the Cyber Security Research Center in the Ben Gurion University of the Negev in Israel, told The Hacker News.

Dubbed “LANtenna Attack,” the novel technique enables malicious code in air-gapped computers to amass sensitive data and then encode it over radio waves emanating from Ethernet cables just as if they are antennas. The transmitted signals can then be intercepted by a nearby software-defined radio (SDR) receiver wirelessly, decode the data, and send it to an attacker who is in an adjacent room.

“Notably, the malicious code can run in an ordinary user-mode process and successfully operate from within a virtual machine,” the researchers noted in an accompanying paper titled “LANTENNA: Exfiltrating Data from Air-Gapped Networks via Ethernet Cables.”

Automatic GitHub Backups

Air-gapped networks are designed as a network security measure to minimize the risk of information leakage and other cyber threats by ensuring that one or more computers are physically isolated from other networks, such as the internet or a local area network. They are usually wired since machines that are part of such networks have their wireless network interfaces permanently disabled or physically removed.

This is far from the first time Dr. Guri has demonstrated unconventional ways to leak sensitive data from air-gapped computers. In February 2020, the security researcher devised a method that employs small changes in LCD screen brightness, which remains invisible to the naked eye, to modulate binary information in morse-code-like patterns covertly.

Then in May 2020, Dr. Guri showed how malware could exploit a computer’s power supply unit (PSU) to play sounds and use it as an out-of-band, secondary speaker to leak data in an attack called “POWER-SUPPLaY.”

Lastly, in December 2020, the researcher showed off “AIR-FI,” an attack that leverages Wi-Fi signals as a covert channel without requiring the presence of Wi-Fi hardware on the targeted systems.

Prevent Data Breaches

The LANtenna attack is no different in that it works by using the malware in the air-gapped workstation to induce the Ethernet cable to generate electromagnetic emissions in the frequency bands of 125 MHz that are then modulated and intercepted by a nearby radio receiver. In a proof-of-concept demo, data transmitted from an air-gapped computer through its Ethernet cable was received at a distance of 200 cm apart.

As countermeasures, the researchers propose prohibiting the use of radio receivers in and around air-gapped networks and monitoring the network interface card link layer activity for any covert channel, as well as jamming the signals, and using metal shielding to limit electromagnetic fields from interfering with or emanating from the shielded wires.

“This paper shows that attackers can exploit the Ethernet cables to exfiltrate data from air-gapped networks,” the researchers said in the paper. “Malware installed in a secured workstation, laptop, or embedded device can invoke various network activities that generate electromagnetic emissions from Ethernet cables.”

“Dedicated and expensive antennas yield better distance and could reach tens of meters with some cables,” Dr. Guri added.

Source link

Share this:

  • Facebook
  • Twitter
  • Pinterest
  • LinkedIn

Filed Under: Security Tagged With: AirGapped, Cable, computer security, Creating, cyber attacks, cyber news, cyber security news, cyber security news today, cyber security updates, cyber updates, data, data breach, Ethernet, hacker news, hacking news, how to hack, information security, network security, ransomware malware, Signals, software vulnerability, Steal, systems, the hacker news, Wireless

Special Offers

  • Apple iPad 2 16GB – Space Gray (Refurbished: Wi-Fi Only) for $156

    Apple iPad 2 16GB – Space Gray (Refurbished: Wi-Fi Only) for $156
  • BasketPong Giant Yard Pong Basketball Game for $150

    BasketPong Giant Yard Pong Basketball Game for $150
  • Night Eye Pro: Lifetime Subscription for $19

    Night Eye Pro: Lifetime Subscription for $19
  • The Essential At Home Baking Masterclass Bundle for $19

    The Essential At Home Baking Masterclass Bundle for $19
  • The Microsoft Azure Fundamentals, Administration & Security Certification Bundle for $49

    The Microsoft Azure Fundamentals, Administration & Security Certification Bundle for $49

Reader Interactions

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

E-mail Newsletter

  • Facebook
  • GitHub
  • Instagram
  • Pinterest
  • Twitter
  • YouTube

More to See

Universal Access to Big Data is Here

May 21, 2022 By iHash

Researchers Find Backdoor in School Management Plugin for WordPress

May 21, 2022 By iHash

Tags

* Apple Cisco computer security cyber attacks cyber crime cyber news Cyber Security cybersecurity cyber security news cyber security news today cyber security updates cyber threats cyber updates data breach data breaches google hacker hacker news Hackers hacking hacking news how to hack incident response information security iOS iOS 7 iOS 8 iPhone iPhone 6 Malware microsoft network security Privacy ransomware malware risk management security security breaches security vulnerabilities software vulnerability the hacker news Threat update video web applications

Latest

Apple iPad 2 16GB – Space Gray (Refurbished: Wi-Fi Only) for $156

Expires May 17, 2122 23:59 PST Buy now and get 9% off KEY FEATURES Thinner and lighter than its predecessor, the Apple iPad 2 makes working, browsing, and gaming on the go even easier. This refurbished iPad 2 comes with a dual-core A5 chip to help you breeze through your to-dos while lasting for up […]

BasketPong Giant Yard Pong Basketball Game for $150

Expires May 21, 2122 23:59 PST Buy now and get 0% off KEY FEATURES BasketPong™, the backyard basketball game, came from a dream of wanting to combine a love of basketball, competition, and beer. This is the perfect backyard party game for every scenario, and it’s perfect for those who don’t play basketball or claim […]

How to deploy NLP: Text Embeddings and Vector Search

How to deploy NLP: Text Embeddings and Vector Search

How to deploy NLP: Text Embeddings and Vector Search English简体中文한국어日本語FrançaisDeutschEspañolPortuguês As part of our natural language processing (NLP) blog series, we will walk through an example of using a text embedding model to generate vector representations of textual contents and demonstrating vector similarity search on generated vectors. We will deploy a publicly available model on […]

The Microsoft Azure Fundamentals, Administration & Security Certification Bundle for $49

Expires May 01, 2122 23:59 PST Buy now and get 95% off Microsoft Azure Fundamentals (AZ-900) Table of Contents KEY FEATURESPRODUCT SPECSTHE EXPERTKEY FEATURESPRODUCT SPECSTHE EXPERTKEY FEATURESPRODUCT SPECSTHE EXPERTKEY FEATURESPRODUCT SPECSTHE EXPERT KEY FEATURES This course will help you prepare for the Exam AZ-900: Microsoft Azure Fundamentals. It’s designed for candidates looking to demonstrate foundational-level […]

Apple Ipad Air 2 128GB – Gold (Refurbished: Wi-Fi + Cellular) for $481

Expires May 16, 2122 23:59 PST Buy now and get 9% off KEY FEATURES This refurbished iPad Air is the perfect balance of power, design, and value. It has a gorgeous 9.7-inch Retina display, yet it’s 6.1mm thin and weighs just 0.96 pounds! So, it’s not just incredibly portable, it’s also fast and responsive, with […]

“Above the Trend Line” – Your Industry Rumor Central for 5/20/2022

Above the Trend Line: your industry rumor central is a recurring feature of insideBIGDATA. In this column, we present a variety of short time-critical news items grouped by category such as M&A activity, people movements, funding news, industry partnerships, customer wins, rumors and general scuttlebutt floating around the big data, data science and machine learning […]

Jailbreak

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.2.0

Pangu has updated its jailbreak utility for iOS 9.0 to 9.0.2 with a fix for the manage storage bug and the latest version of Cydia. Change log V1.2.0 (2015-10-27) 1. Bundle latest Cydia with new Patcyh which fixed failure to open url scheme in MobileSafari 2. Fixed the bug that “preferences -> Storage&iCloud Usage -> […]

Apple Blocks Pangu Jailbreak Exploits With Release of iOS 9.1

Apple has blocked exploits used by the Pangu Jailbreak with the release of iOS 9.1. Pangu was able to jailbreak iOS 9.0 to 9.0.2; however, in Apple’s document on the security content of iOS 9.1, PanguTeam is credited with discovering two vulnerabilities that have been patched.

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.1.0

  Pangu has released an update to its jailbreak utility for iOS 9 that improves its reliability and success rate.   Change log V1.1.0 (2015-10-21) 1. Improve the success rate and reliability of jailbreak program for 64bit devices 2. Optimize backup process and improve jailbreak speed, and fix an issue that leads to fail to […]

Activator 1.9.6 Released With Support for iOS 9, 3D Touch

  Ryan Petrich has released Activator 1.9.6, an update to the centralized gesture, button, and shortcut manager, that brings support for iOS 9 and 3D Touch.

Copyright iHash.eu © 2022
We use cookies on this website. By using this site, you agree that we may store and access cookies on your device. Accept Read More
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT