The research acts as a proof-of-concept for claims made by security researcher Dragos Ruiu, who is believed to have discovered just such a virus in the wild. Ruiu claimed that the malware he had discovered, dubbed badBIOS, allowed infected machines to "whisper" to one another, and repair the malware while it was being removed.
Abstract—Covert channels can be used to circumvent system and network policies by establishing communications that have not been considered in the design of the computing system. We construct a covert channel between different computing systems that utilizes audio modulation/demodulation to exchange data between the computing systems over the air medium. The underlying network stack is based on a communication system that was originally designed for robust underwater communication. We adapt the communication system to implement covert and stealthy communications by utilizing the near ultrasonic frequency range. We further demonstrate how the scenario of covert acoustical communication over the air medium can be extended to multi-hop communications and even to wireless mesh networks. A covert acoustical mesh network can be conceived as a botnet or malnet that is accessible via nearfield audio communications. Different applications of covert acoustical mesh networks are presented, including the use for remote keylogging over multiple hops. It is shown that the concept of a covert acoustical mesh network renders many conventional security concepts useless, as acoustical communications are usually not considered. Finally, countermeasures against covert acoustical mesh networks are discussed, including the use of lowpass filtering in computing systems and a host-based intrusion detection system for analyzing audio input and output in order to detect any irregularities.
Hello guys,
We are all aware of traditional signature-based AV and the newer Zero-Day and Cloud technologies.
However, the Fraunhofer Institute for Communication, Information Processing, and Ergonomics has developed techniques to prove the above claims. If this is true (which has been proven), then what implications would this have for the internet community as a whole, and what impact would it have on customers, companies and government organisations?
Because, according to the researchers, there has been indirect evidence that some malware may have been in the wild for some time now that virtually cancels out ANY AV solution, because it operates according to a completely different routine.
On a personal level, I am aware of the new techniques due to my years of experience, but truth be told, when I read this article I could not help thinking that some of this must have been government sponsored, because even though hackers do have the capability to roll out new techniques, this level of sophistication is limited to only a few.
Given the general idea that AV vendors are practically always one or two steps behind, it would be a no-brainer to assume that, if any of this article is remotely true, major security companies around the world, and security suppliers and vendors, are bypassed for the time being, leaving customers around the world within a fake security bubble.
So what do you think? Please share your constructive ideas.
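The last countermeasure named in the quoted abstract, a host-based check on audio input, could look like the sketch below. It is an added example, not code from the paper or from the post above; the 17-22 kHz band, the 48 kHz sample rate, the alert floor and every function name are assumptions, and the audio frames are constructed sine mixes rather than captured sound.

```python
import math

RATE = 48_000            # assumed capture sample rate (Hz)
BAND = (17_000, 22_000)  # assumed "near ultrasonic" band; the abstract gives no figures
FLOOR_RMS = 0.01         # assumed alert floor (full scale = 1.0); tune per host baseline

def goertzel_power(frame, k):
    """|X_k|^2 of DFT bin k, computed with the Goertzel recurrence."""
    coeff = 2.0 * math.cos(2.0 * math.pi * k / len(frame))
    s1 = s2 = 0.0
    for x in frame:
        s1, s2 = x + coeff * s1 - s2, s1
    return s1 * s1 + s2 * s2 - coeff * s1 * s2

def band_rms(frame, band=BAND, rate=RATE):
    """RMS amplitude of the frame's content inside `band` (Hz)."""
    n = len(frame)
    lo = math.ceil(band[0] * n / rate)
    hi = min(math.floor(band[1] * n / rate), n // 2 - 1)
    energy = sum(goertzel_power(frame, k) for k in range(lo, hi + 1))
    return math.sqrt(2.0 * max(energy, 0.0)) / n

def flag_frame(frame, floor=FLOOR_RMS):
    """True when near-ultrasonic content exceeds the baseline floor."""
    return band_rms(frame) > floor

def tone(freq, amp, n=960, rate=RATE):
    """Constructed test signal: a pure sine, n samples long."""
    return [amp * math.sin(2.0 * math.pi * freq * i / rate) for i in range(n)]

def mix(*signals):
    """Sample-wise sum of equally long signals."""
    return [sum(s) for s in zip(*signals)]

# Constructed 20 ms frames (not captured audio): voice-range tones alone,
# then the same tones with a quiet 20 kHz carrier underneath.
VOICE = mix(tone(300, 0.5), tone(1200, 0.3))
VOICE_PLUS_CARRIER = mix(VOICE, tone(20_000, 0.05))

if __name__ == "__main__":
    for name, frame in (("voice", VOICE), ("voice+carrier", VOICE_PLUS_CARRIER)):
        print(f"{name}: band RMS {band_rms(frame):.4f} flagged={flag_frame(frame)}")
```

An absolute floor is used instead of a ratio to the audible band so that a quiet carrier under loud speech is still flagged; on a real host the floor would come from a recorded baseline of that machine's microphone input.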