Meet USBee, the malware that uses USB drives to covertly jump airgaps

Meet USBee, the malware that uses USB drives to covertly jump airgaps:

The software works on just about any storage device that’s compliant with the USB 2.0 specification. Some USB devices such as certain types of cameras that don’t receive a stream of bits from the infected computer, aren’t suitable. USBee transmits data at about 80 bytes per second, fast enough to pilfer a 4096-bit decryption key in less than 10 seconds. USBee offers ranges of about nine feet when data is beamed over a small thumb drive to as much as 26 feet when the USB device has a short cable, which acts as an antenna that extends the signal. USBee transmits data through electromagnetic signals, which are read by a GNU-radio-powered receiver and demodulator. As a result, an already-compromised computer can leak sensitive data even when it has no Internet or network connectivity, no speakers, and when both Wi-Fi and Bluetooth have been disabled. The following video demonstrates USBee in the lab:

While this is still of limited value because you need to infect the airgapped computer in the first place, it’ll only take a while until this exfiltration method is weaponized. Airgaps have long been seen as a key way of keeping highly sensitive data secure but researchers working inside and outside of government keep revealing all the ways in which data can be quietly extracted from such systems. Their successes should give pause to anyone who is concerned about computer security, generally, to say nothing of those interested in the security of government and corporate systems.

%d bloggers like this:
search previous next tag category expand menu location phone mail time cart zoom edit close