AiR-ViBeR: the hack that exploits PC fans

Cyber ​​risks, as we know, have always been around the corner.

They are insidious and can even silently affect the data of companies and individuals quite easily, if not adequately protected.

Some threats are “louder” than others: Mordechai Guri, an Israeli researcher at Ben Gurion University of the Negev, managed to steal data from a PC, not connected to any network connection, by exploiting the vibration of the fans.

The hack is called AiR-ViBeR and in order to work it needs to gain access to a PC and a second device that is in close proximity, such as a smartphone.

Read more related articles on our blog.

 

But how does it work?

The intrusion method is very simple.

The PC works as a vibration transmitter and the smartphone as a receiver. Once installed on the PC, a malware regulates the level of mechanical vibrations generated by the computer by controlling the rotation speed of the fan.

This data is transferred to a smartphone positioned a handful of centimeters away via the accelerometer sensor.

Through this expedient, the attack allows the hacker to extract files from the computer by converting them into signals emitted in the form of binary code (0-1) to a specific web page or to a recipient and then decrypted.

 

Security Risks

Is there anything to worry about? Yes, and no.

Why you should be concerned. This intrusion technique has many advantages for hackers. The most convenient port of entry they could take advantage of is that of accelerometers:

  • No authorizations are required. The accelerometers of smartphones operating on IOS and Android systems are safety sensors, therefore they do not require user permission.
  • No detection of accelerometer activity.
  • JavaScript access. Access to the accelerometer can be done on a web browser using a standard JavaScript code. This implies that the hacker can access the accelerometers without tampering with the receiving smartphone with malware.

Why not to worry (too much): this technique has many limitations.

AiR-ViBeR has inherent drawbacks involving the small amount of data that can be transferred and the need to control two infected devices in the same environment for several hours, the time required to transfer a medium-sized file.

The smartphone must be placed within a radius of 5 meters and the transmission speed is only 50 bits per second. It is roughly equivalent to 22.5 kb per hour, so you will only be able to transmit textual data. And even in this case we are talking about 10,000 words per hour.

Therefore, the software could be more effective if it were used to steal a specific file with a low weight, such as a text document or a single image.

Furthermore, being conceived in the context of research, the attack was carried out for purely experimental purposes.

 

Conclusions

For many security experts, it is not worth securing what is not connected to the network, because it is not vulnerable to attack.

Guri and his colleagues proved them wrong.

It is fascinating that sound could be used to steal data from systems with no data connection (Wi-Fi, wired or Bluetooth) and speakers.

The slowness and limitations that we have listed are enough in themselves to understand that such an attack remains unlikely.

For the moment, of course.