Experts from Negev Cyber Security Research Center at the Ben-Gurion University have demonstrated USBee malware that makes USB devices emit signals that can be received by cheap hardware.
USBee Can Be a Dangerous Weapon in the Hands of Criminals
The research team at the Negev Cyber Security Research Center at the Ben-Gurion University have devised a new USBee malwarethat modifies the functions of affected USB devices. This makes them emit an electromagnetic signal that can be picked up by cheap radio receivers. This is an effective way of spying on air-gapped systems as the malware needs only to be executed on the host device to start running.
The prominent weakness of this method is that it relies upon an actual infection to trigger the signals. The experts have demonstrated USBee in action by using a RTL-SDR software-defined radio receiver and a demodulator to receive the data. The results show that data transmission can be executed at a rate of 80 bytes per second which should be enough to carry account credentials or even longer chunks of text information.
The RTL-SDR receiver is one of the most popular devices that are used by software-defined radio enthusiasts around the world. It can be easily obtained in almost all specialist stores offline or on the Internet. Cyber espionage users can utilize this approach to gather important information from victim machines if they can pass on the crafted malware.
Such methods are popular among hackers as well who want to intrude on air-gapped systems and secured networks.