A team of researchers at Germany's Fraunhofer Institute discovered a novel method for malware transmission using inaudible sound waves, specifically frequencies below 20Hz. They demonstrated this concept by successfully transmitting small amounts of data, including keystrokes and passwords, between two Lenovo laptops using built-in speakers and microphones, achieving speeds of up to 20 bits per second over distances of 65 feet without an internet connection. This approach even bypassed air gap security measures, which are designed to protect sensitive systems. While this "acoustic malware" is currently a proof-of-concept and not in active use, it raises concerns about the potential vulnerabilities in secure environments. The research highlights the importance of understanding diverse attack vectors and underscores the need for future countermeasures.
When handling our precious PCs and laptops, we’re sometimes a little nervous of those internet baddies that can come over with a bad click, a poor download or an ill-fated email. Well, get ready because those fears are about to be kicked up a notch. A team of computer scientists over at the Germany’s Fraunhofer Insitute for Communication, Information Processing and Ergonomics discovered a new way that malware (short for malicious software) can attack your computer: inaudible sound. Ever since they released their findings in the form of a research paper in November 2013, the IT world has been in a tizzy over this technology. Let that sink in for a minute. Sound that can’t even be heard is now going to be the new mode of transportation for viruses? You bet. Frequencies, the high or low pitches that are over 20Hz are audible, but anything below that level is called infrasonic and is actually inaudible. To learn more about frequency’s partner, volume or decibel, check out our previous blog. So how in the world is malware being transported acoustically?
Acoustic malware: How it works
The software uses inaudible audio signals to communicate and can secretly exchange sensitive data and even keystrokes without an internet connection. The scientists successfully tested the acoustic malware on two Lenovo T400 laptops and transmit the malware through the laptops built-in microphone and speakers. They managed to send small amounts of data (20 bits per second) and passwords to each other at distances of 65 feet. On top of that, it was all done without the use of internet or Wi-Fi connection and even jumped air gaps, a security measure that is taken for computers and networks that are meant to be extremely protected. Now that that air gaps are also proven to be in trouble, techies around the world are a little worried. But don’t throw out your Macs and Toshibas just yet: what the scientists have created is just proof-of-concept software and isn’t actually in use. However, we now know that the ability is there and coupled with the researchers’ overarching goal to raise awareness on different kinds of malware attacks, countermeasures will surely soon be developed. The idea of your computer getting infected using sound can be alarming, but look at all the other great things sound can do! From working as a vaccine to prevent drug induced hearing loss, to being causing human and animal emotion and can even help creatures figure out their surroundings using echolocation. We have also gathered together some great TED Talks all about hearing and sound for those who are interested in further exploring the topic.by Esther Shasho
The above is the interpretation of Is Acoustic Malware a Real Threat? provided by Chinese hearing aid supplier Shenrui Medical. Link https://www.srmcm.com/Blog/Is_Acoustic_Malware_a_Real_Threat.html of this article is welcome to share and forward. For more hearing aid related information, please visit Blog or take a look at our Hearing aids products
