Fansmitter, A New Malware That Steals Data Through PC Fans
Security companies are always finding new ways to develop new security algorithms to secure the systems of their customers. To achieve that sometimes they have to develop a virus themselves inorder to counteract it. This time a new malware has been developed called “Fansmitter” that transmits data through PC fan.
The malware was developed by a team of researchers from Ben-Gurion University’s Cyber Security Research Center in Israel. The Fansmitter is capable to steal data from an air gapped machine, by listening to a PC’s cooling fan according to their research paper.
For those who don’t know air gapped machine is a computer that is physically isolated from any network including the internet.
If Fansmitter is installed in a air gapped machine, it can control CPU and chassis fans to create a unique waveform that renders binary data. A nearby microphone can record and decode the data, and this data can be transmitted at 900 bits/hour. However, this malware is not reliable to steal big chunks of data, but it is enough to steal passwords, keys and basic text document.
According to the research paper:
Using our method we successfully transmitted data from [an] air-gapped computer without audio hardware, to a smartphone receiver in the same room. We demonstrated the effective transmission of encryption keys and passwords from a distance of zero to eight meters, with [a] bit rate of up to 900 bits/hour. We show that our method can also be used to leak data from different types of IT equipment, embedded systems, and IoT devices that have no audio hardware, but contain fans of various types and sizes.
However, the device containing the microphone, like a smartphone is also required to be hacked prior to receive the data, and must be located within 24 feet of the target computer.
What are your thoughts on this new malware? Let us know in the comments.