“Glowworm” Can Eavesdrop via Devices’ Power LEDs

Researchers at Ben-Gurion University of the Negev have demonstrated a novel way to spy on electronic conversations. A new paper released today outlines a novel passive form of the TEMPEST attack called Glowworm, which converts minute fluctuations in the intensity of power LEDs on speakers and USB hubs back into the audio signals that caused those fluctuations.

The Cyber@BGU team—consisting of Ben Nassi, Yaron Pirutin, Tomer Gator, Boris Zadov, and Professor Yuval Elovici—analyzed a broad array of widely used consumer devices including smart speakers, simple PC speakers, and USB hubs. The team found that the devices' power indicator LEDs were generally influenced perceptibly by audio signals fed through the attached speakers.

Although the fluctuations in LED signal strength generally aren't perceptible to the naked eye, they're strong enough to be read with a photodiode coupled to a simple optical telescope... more 

Check out the other eavesdropping hits that have come out of Ben-Gurion University... here

Spy Drone Filming - Detection Method Developed

The first technique to detect a drone camera illicitly capturing video is revealed in a new study published by Ben-Gurion University of the Negev (BGU) and Weizmann Institute of Science cyber security researchers.

The study addresses increasing concerns about the proliferation of drone use for personal and business applications and how it is impinging on privacy and safety.

In a new paper, "Game of Drones - Detecting Captured Target from an Encrypted Video Stream," the researchers demonstrate techniques for detecting if a targeted subject or house is being recorded by a drone camera. "The beauty of this research is that someone using only a laptop and an object that flickers can detect if someone is using a drone to spy on them," says Ben Nassi... more video

From Those Wonderful Folks Who Killed Air-Gap Security - This Bud Screws You

A research team from Israel’s Ben-Gurion University of the Negev's cybersecurity research center has discovered a new way of data extraction from air-gapped computers via using passive devices like earbuds, earphones, headphones, and speakers.

Now, the same research center has claimed to be able to use computer speakers and headphones to act as microphones and receive data. The devices can be used to send back the signals and make the otherwise safe practice of air-gapping less secure.

As per the new technique [PDF], data is extracted in the form of inaudible ultrasonic sound waves and transmission occurs between two computers installed in the same room while data is shared without using microphones. more

LANTENNA: Exfiltrating Data from Air-Gapped Networks via Ethernet Cables

via Cyber Security Labs @ Ben Gurion University

Air-gapped networks are wired with Ethernet cables since wireless connections are strictly prohibited. 

 LANTENNA - a new type of electromagnetic attack allowing adversaries to leak sensitive data from isolated, air-gapped networks. 

Malicious code in air-gapped computers gathers sensitive data and then encodes it over radio waves emanating from the Ethernet cables, using them as antennas. A nearby receiving device can intercept the signals wirelessly, decode the data, and send it to the attacker. 

We discuss the exfiltration techniques, examine the covert channel characteristics, and provide implementation details. Notably, the malicious code can run in an ordinary user-mode process and successfully operate from within a virtual machine. We evaluate the covert channel in different scenarios and present a set of countermeasures. 

Our experiments show that with the LANTENNA attack, data can be exfiltrated from air-gapped computers to a distance of several meters away. more & video

Novel Eavesdropping Attack or The Bright Spy

The usual way of eavesdropping with a glass over the wall has come a long way: bugs in the wall, hacking weak passwords, wiretaps, and more. Now, as if there weren't enough ways of being an audio spy, the good old light bulb has become a nemesis to be feared: Any light bulb in a room that is visible from the window can be used to spy on your conversations from afar.

A team of researchers at the Ben-Gurion University of the Negev in Israel has found that the vibration patterns in a light bulb can enable us to recover full conversations from hundreds of feet away.

But how can that be possible? The thing about the hanging bulb is that it acts both as a diaphragm and transducer. Apparently, these two, sound waves cascading on its surface and it converting air pressure from sound to small changes in light, means it is a useful gadget for intruders.

The paper states, "We show how fluctuations in the air pressure on the surface of the hanging bulb (in response to sound), which cause the bulb to vibrate very slightly (a millidegree vibration), can be exploited by eavesdroppers to recover speech and singing, passively, externally, and in real time." more

Convicted Spy Granted Citizenship

A former Navy intelligence analyst who spent 30 years behind bars for selling U.S. military secrets to Israel, arrived in Israel on Wednesday where he and his wife were granted citizenship by Prime Minister Benjamin Netanyahu.

Jonathan Pollard, 66, triumphantly kissed the ground as he disembarked from the aircraft after it landed in Ben Gurion International airport near Tel Aviv. more

From Those Wonderful Folks Who Gave Us...

"Gloworm" Eavesdropping and Air-Gaped Computer Hacks

After a long day at work, the modern goldfish no longer has to take public transportation home—it can drive via a fish-operated vehicle (FOV), according to new research published in Behavioural Brain Research.

Documented in a report published in the February 2022 issue of the peer-reviewed journal, researchers at Ben-Gurion University of the Negev in Beersheba, Israel, set out to unpack how well goldfish can navigate terrestrial environments when tasked with the right tools. They created a small camera-equipped fish tank on wheels, which they call an FOV, and put six goldfish in it, one at a time. 

The fish managed to avoid dead ends and correct inaccuracies... Goldfish navigate land very well, it turns out. more 

(Next up, Exocoetidaes in airplanes.) 

He's Back... The Air Gap Computer Hack

Researchers at the Ben-Gurion University of the Negev (BGU) Cyber Security Research Center have discovered that virtually any cellphone infected with a malicious code can use GSM phone frequencies to steal critical information from infected “air-gapped” computers.

Air-gapped computers are isolated -- separated both logically and physically from public networks -- ostensibly so they cannot be hacked over the Internet or within company networks.


Led by BGU Ph.D. student Mordechai Guri, the research team discovered how to turn an ordinary air-gapped computer into a cellular transmitting antenna using software that modifies the CPU firmware. GSMem malicious software uses the electromagnetic waves from phones to receive and exfiltrate small bits of data, such as security keys and passwords...

This is the third threat the BGU cyber team has uncovered related to what are supposed to be secure, air-gapped computers. Last year, the researchers created a method called Air-Hopper, which utilizes FM waves for data exfiltration. Another research initiative, BitWhisper, demonstrated a covert bi-directional communication channel between two close-by air-gapped computers using heat to communicate. more

Air-Gapped PC Power Supplies Spills the Screens

One of the most secure system arrangements today consists of air-gapped PCs. The reason being their total disconnection from the internet.

In February this year, it was reported that hackers can steal data from air-gapped PC using screen brightness and now the same can be done through their power supply.

Mordechai Guri, a cybersecurity researcher from the Israeli Ben Gurion of the Negev University has conducted an experiment that shows how power supply units (PSUs) can be exploited to extract information from both an air-gapped & audio-gapped computer.

Termed as POWER-SUPPLaY; the malware exploits the PSU using it as an “out-of-band, secondary speaker with limited capabilities”. The data that can be extracted includes different files & information of the user’s keystrokes transmittable up to 1 meters away along with passwords and encryption keys that the attacker could receive with a device that is five meters away from such as a smartphone...

The research does not deal with the question of how the malware will be implemented in the first place. The technique is very clever nonetheless. more

Off-the-shelf Smart Devices Easy to Hack

Off-the-shelf devices that include baby monitors, home security cameras, doorbells, and thermostats were easily co-opted by cyber researchers at Ben-Gurion University of the Negev (BGU). As part of their ongoing research into detecting vulnerabilities of devices and networks expanding in the smart home and Internet of Things (IoT), the researchers disassembled and reverse engineered many common devices and quickly uncovered serious security issues.

"It is truly frightening how easily a criminal, voyeur or pedophile can take over these devices," says Dr. Yossi Oren, a senior lecturer in BGU's Department of Software and Information Systems Engineering and head of the Implementation Security and Side-Channel Attacks Lab at Cyber@BGU. "Using these devices in our lab, we were able to play loud music through a baby monitor, turn off a thermostat and turn on a camera remotely, much to the concern of our researchers who themselves use these products."

"It only took 30 minutes to find passwords for most of the devices and some of them were found only through a Google search of the brand," says Omer Shwartz, a Ph.D. student and member of Dr. Oren's lab. "Once hackers can access an IoT device, like a camera, they can create an entire network of these camera models controlled remotely." more

Optical Spying Through Office Windows

With talented hackers able to break into just about any device that's connected to the internet, from a computer to a car, the best way to keep sensitive data safe is to cut the cord completely.

Keeping an "air gap" between a hard drive and other devices forces any would-be thief to physically go to the machine ... or so you might think. Cyber security researchers have shown that hackers could hijack the innocent flashing LED on the outside of a computer, and use it to beam a steady stream of data to a waiting drone.

...digital criminals can be extremely crafty, using acoustic signals to jump the air gap between devices from a distance or untangling typed text by listening via Skype to the clickety-clack of a keyboard.

Now, a team at the Ben-Gurion University Cyber Security Research Center has demonstrated a new way that creative crooks could crack that isolated data. A piece of malware infecting an air-gapped computer could harness the hard drive's LED, making it flash in a very controlled and very fast manner. Flickering thousands of times a second, the virus could blink out a binary code of the desired data, at a rate that a human sitting at that computer wouldn't even notice. Special cameras or light sensors – say from a drone hovering at the window, with a line of sight to the LED – could then receive and record that information. more

Spybusters Tip #792: External visual surveillance through windows is easy using high-powered optics, or even cameras on drones. Keep computer screens, and their blinky lights, away from external line-of-sight. 

Spybusters Tip #793: Enforce a "Clear Desk Policy" when sensitive information is not actively being used. ~Kevin

Yet Another Air-Gapped Computer Hack

Academics from an Israeli university have published new research today detailing a technique to convert a RAM card into an impromptu wireless emitter and transmit sensitive data from inside a non-networked air-gapped computer that has no Wi-Fi card.

Named AIR-FI, the technique is the work of Mordechai Guri, the head of R&D at the Ben-Gurion University of the Negev, in Israel.

Over the last half-decade, Guri has led tens of research projects that investigated stealing data through unconventional methods from air-gapped systems. 

These types of techniques are what security researchers call "covert data exfiltration channels." They are not techniques to break into computers, but techniques that can be used to steal data in ways defenders aren't expecting. more

Turn Any Computer Into an Eavesdropping Device

Researchers at Israel’s Ben-Gurion University of the Negev have devised a way to turn any computer into an eavesdropping device by surreptitiously getting connected headphones or earphones to function like microphones.

In a paper titled "SPEAKE(a)R: Turn Speakers to Microphones for Fun and Profit," the researchers this week described malware they have developed for re-configuring a headphone jack from a line-out configuration to a line-in jack, thereby enabling connected headphones to work as microphones.

The exploit works with most off-the-shelf headphones and even when the computer doesn’t have a connected microphone or has a microphone that has been disabled, according to the researchers. more

 Spoiler Alert: It ain't easy to do, or likely to happen to you. ~Kevin

Smartphone Replacement Parts as Spies

If cracking your smartphone’s touchscreen wasn’t bad enough, researchers have found out a new security threat that might emerge out following the replacement of your touch screen as it has been found out that the replaced units might contain hardware that could hijack a device. 

A paper presented by researchers at Ben-Gurion University of Negev, Israel, at the 2017 Usenix Workshop on Offensive Technologies, shows how smartphone replacement units can be a security risk for the user.

Click to enlarge.

According to the researchers, devices with cracked touchscreens or even other damaged components are prone to security risks as the replaced parts installed by a repair shop might contain additional hardware that can hijack the device and track usage, log keystrokes, install other malicious apps, access files and more. more

Air-Gapped Computer Hack

Ben-Gurion University of the Negev (BGU) researchers have discovered a new method to breach air-gapped computer systems called “BitWhisper” which enables two-way communications between adjacent, unconnected PC computers using heat.

The research, conducted by Mordechai Guri, Ph.D. is part of an ongoing focus on air-gap security at the BGU Cyber Security Research Center. Computers and networks are air-gapped when they need to be kept highly secure and isolated from unsecured networks, such as the public Internet or an unsecured local area network. Typically, air-gapped computers are used in financial transactions, mission critical tasks or military applications.

According to the researchers, “The scenario is prevalent in many organizations where there are two computers on a single desk, one connected to the internal network and the other one connected to the Internet. BitWhisper can be used to steal small chunks of data (e.g. passwords) and for command and control." View BitWhisper video demo. more