Connect with us

Hi, what are you looking for?

Jewish Business News

Cyber, Security

Israeli Cyber Researchers Discover How any Network Router Can Covertly Leak Data

This covert channel is currently not monitored and it enables attackers to leak data while evading firewalls, air-gaps, and other data-leakage

 

Researchers at the Ben-Gurion University of the Negev (BGU) have demonstrated for the first time that it is possible to covertly siphon sensitive files, passwords or other critical data from any common router.

In the new paper, the researchers demonstrated how LEDs functionality can be silently overridden by malware they developed (code named “xLED”), which infects firmware in the device. Once the xLED malware infects the network device, it gains full control of the LEDs that flash to indicate status.

Please help us out :
Will you offer us a hand? Every gift, regardless of size, fuels our future.
Your critical contribution enables us to maintain our independence from shareholders or wealthy owners, allowing us to keep up reporting without bias. It means we can continue to make Jewish Business News available to everyone.
You can support us for as little as $1 via PayPal at [email protected].
Thank you.

Network devices such as routers and local area network switches typically include activity and status LEDs used to monitor traffic activity, alerts and provide status.

According to Dr. Mordechai Guri, head of research and development at the Cyber Security Research Center (CSRC), who led this study, “Sensitive data can be encoded and sent via the LED light pulses in various ways. An attacker with access to a remote or local camera, or with a light sensor hidden in the room, can record the LED’s activity and decode the signals.”

 

 

Unlike network traffic that is heavily monitored and controlled by firewalls, this covert channel is currently not monitored. As a result, it enables attackers to leak data while evading firewalls, air-gaps (computers not hooked up to the internet) and other data-leakage prevention methods.

The xLED malware can program the LEDs to flash at very fast speeds – more than 1,000 flickers per second for each LED. Since a typical router or network switch includes six or more status LEDs, the transmission rate can be multiplied significantly to as much as thousands of bits per second. As a result, a significant amount of highly sensitive information can be encoded and leaked over the fast LED signals, which can be received and recorded by a remote camera or light sensor.

The BGU CSRC has a dedicated research program to uncover and demonstrate vulnerabilities of electronic devices. Over the past two years, they have successfully demonstrated how malware can siphon data from computer speakers, headphone jacks, hard drives, and computer fans, as well as 3D printers, smartphones, LED bulbs, and other IoT devices.

 

Newsletter



You May Also Like

World News

In the 15th Nov 2015 edition of Israel’s good news, the highlights include:   ·         A new Israeli treatment brings hope to relapsed leukemia...

Life-Style Health

Medint’s medical researchers provide data-driven insights to help patients make decisions; It is affordable- hundreds rather than thousands of dollars

Entertainment

The Movie The Professional is what made Natalie Portman a Lolita.

History & Archeology

A groundbreaking discovery in the Manot Cave in the Western Galilee, Israel has unearthed the earliest evidence in the Levant (and among the world's...