Even Air-Gapped Computers Can Covertly Exchange Data: MOSQUITO Attack

Last month, a team of security researchers demonstrated how cyber attackers could pwn air-gapped computers protected inside a Faraday cage and steal data from them. The same team two years also demonstrated how attackers could listen to private conversations by reversing headphones into a microphone, like a bug listening device.

Recently, this outstanding team of researchers has taken their work to the next level and came up with another report showing how two or more air-gapped computers placed inside the same room can secretly communicate and exchange data via ultrasonic waves.

Air-gapped computers are believed to be the most secure setup, but now it seems to be a myth. Dubbed as MOSQUITO, a new attack has been unearthed by a team of researchers at Israel's Ben Gurion University. This attack works by reversing connected speakers into microphones by exploiting a specific audio chip feature.

Since some speakers or headphones or earphones respond really well to the near-ultrasonic range (18 kHz to 24 kHz), the team has found that such hardware can be modified to perform as microphones. Furthermore, when it is about secret communication, it is obvious that two or more computers can never exchange data via audible sounds. So, inaudible ultrasonic waves offer the best acoustic covert route for speaker-to-speaker communication.

The proof-of-concept videos of the MOSQUITO attack scenarios demonstrated by researchers have been uploaded to YouTube. The videos involve two air-gap computers inside a room, which are infected with malware using removable media. The attack scenarios include speaker-to-speaker communication, speaker-to-headphones communication, and headphones-to-headphones communication.

The results are:

• The speaker-to-speaker communication works pretty well to secretly transmit data between two air-gapped computers positioned at a maximum of nine meters away from one another.
• Two headphones with microphones can also exchange data from a distance of three meters apart.
• By using loudspeakers, data can be exchanged over an air-gap computer from a distance of eight meters away with an effective bit rate of 10 to 166 bit per second.