HOME  |  NEWS  |  BLOGS  |  MESSAGES  |  FEATURES  |  VIDEOS  |  WEBINARS  |  INDUSTRIES  |  FOCUS ON FUNDAMENTALS
  |  REGISTER  |  LOGIN  |  HELP
Blogs
Blog

Malware Thatís Transmitted Through Sound

NO RATINGS
View Comments: Oldest First|Newest First|Threaded View
Page 1/3  >  >>
Elizabeth M
User Rank
Blogger
New Threat
Elizabeth M   12/18/2013 8:54:56 AM
NO RATINGS
Well this is fascinating technology but we don't really need another way for malware to be transmitted, do we? It's good to know people don't have to worry about this quite yet nor that much data can be transmitted this way. But who knows what can happen if a clever hacker gets ahold of it and messes with the code.

Nancy Golden
User Rank
Platinum
Re: New Threat
Nancy Golden   12/18/2013 9:52:25 AM
NO RATINGS
I agree, Elizabeth. It puzzles me as to so much time, money, and energy being directed at developing something that seems to say - yes - this can be done. As with any malicious software - the nature of the beast must be known in order to institute countermeasures but was it really necessary to conduct all of that research and develop their own algorithm? Now hackers are aware of audio possibilities they may have not considered before.

78RPM
User Rank
Platinum
Re: New Threat
78RPM   12/18/2013 12:38:18 PM
NO RATINGS
I'm taking the Digi-Key Design News class this week on SCADA Security. The instructor Clint Bodungen states that by the time a vulnerability goes public, it has already been in circulation. Publicity is important because it lets the "good guys" know about possible attacks from the "bad guys."

Nancy Golden
User Rank
Platinum
Re: New Threat
Nancy Golden   12/18/2013 12:45:37 PM
NO RATINGS
That is a very good point 78RPM - I am just wondering what justified a full blown effort at developing malware when as they have stated, "However, the scientists have divulged several counter measures that can be put into place to nullify acoustical intrusions, with one being simply to shut off the PCs audio input/output devices. Another method is to install audio filters that are capable of blocking certain high frequency ranges that are used to transmit covert data."

It seems to me that developing countermeasures against known audio technology would not require creating malicious code to test it - audio sent at different frequencies could have provided the same stimulus.

Charles Murray
User Rank
Blogger
More solutions needed
Charles Murray   12/18/2013 6:20:03 PM
NO RATINGS
I have no objection to studies being done on this, I just wish the studies had included more ways of addressing the problem. Shutting down the audio input/output of the computer isn't a solution. I'd like to hear more about the audio filters they mentioned. As it stands now, we've verified that there is a potential problem, thus providing malicious new ideas for hackers who weren't already aware of it, but we're admitting we don't really know much about the solution. This seems wrong. As 78RPM points out, if the vulnerability is public, circulation of the problem can't be far behind.

marswalker
User Rank
Iron
Re: New Threat
marswalker   12/19/2013 9:35:12 AM
NO RATINGS
Perhaps not so new?  Though there has been a lot of speculation that "it couldn't possibly be real", BadBIOS is reported to use exactly this kind of vulnerability to re-infect machines while they are being "cleaned" by antivirus software, etc.

brhans
User Rank
Silver
Its all hype
brhans   12/19/2013 9:37:17 AM
I can't imagine how this could ever be a serious vulnerability. In order for the receiving device to be even the tiniest bit succeptible to infection it first needs to be actually listening (which most devices are not) and then even if it were listening, it would need to be doing so in such a way as to make the sound 'information' received executable as code.

The only way this would ever work is if the receiving device already has some sort of software (malware) installed and running to allow this - and if this is already pre-installed, then you've already been infected by more conventional means.

All these 'researchers' have really done is build themselves an acoustic modem which annoys dogs. Acoustic modems in various forms have been around for decades. Whether or not it can successfuly be used to transmit 'malware' is entirely dependant on what is on the receiving end listening. Even the most virulent malware will hit a dead end if it falls on deaf ears.

Its just a communications medium, not a particularly novel or useful one, and doesn't deserve the hype from trying to associate it with malware.

Elizabeth M
User Rank
Blogger
Re: New Threat
Elizabeth M   12/19/2013 10:10:05 AM
NO RATINGS
Wow, so this threat is already being exploited it seems, if what you say is true, marswalker.

Elizabeth M
User Rank
Blogger
Re: New Threat
Elizabeth M   12/19/2013 10:29:34 AM
NO RATINGS
So as another reader pointed out, then, 78RPM, these sound-based malware threats are already out there and being exploited. What can be done now?

marswalker
User Rank
Iron
Re: New Threat
marswalker   12/19/2013 10:39:04 AM
NO RATINGS
Here is the article I read this about on at the end of summer: http://www.infosecurity-magazine.com/view/35661/badbios-the-god-of-malware/

Page 1/3  >  >>
Partner Zone
More Blogs
In-flight shopping magazine, SkyMall, has stalled, nosedived, and crashed into bankruptcy.
Data from a new report from the Information Technology and Innovation Foundation undermine the idea of a US manufacturing renaissance.
Biomimicry has already found its way into the development of robots and new materials, with researchers studying animals and nature to come up with new innovations. Now thanks to researchers in Boston, biomimicry could even inform the future of electrical networks for next-generation displays.
Clean diesel continues to be the fuel of choice for transportation authorities in major U S cities, in spite of competitive options aimed at reducing emissions, according to a nonprofit agency that represents diesel engine and equipment manufacturers.
A panel at this year's Consumer Electronics Show in Las Vegas discussing upcoming FAA regulations for non-military drones brought out many of the issues that concern both industry and federal regulators.
Design News Webinar Series
12/11/2014 8:00 a.m. California / 11:00 a.m. New York
12/10/2014 8:00 a.m. California / 11:00 a.m. New York
11/19/2014 11:00 a.m. California / 2:00 p.m. New York
2/25/2015 11:00 a.m. California / 2:00 p.m. New York
Quick Poll
The Continuing Education Center offers engineers an entirely new way to get the education they need to formulate next-generation solutions.
Jan 26 - 30, IPv6 for Micros Ė Hands-On
SEMESTERS: 1  |  2  |  3  |  4  |  5  |  67


Focus on Fundamentals consists of 45-minute on-line classes that cover a host of technologies. You learn without leaving the comfort of your desk. All classes are taught by subject-matter experts and all are archived. So if you can't attend live, attend at your convenience.
Last Archived Class
Sponsored by Stratasys
Learn More   |   Login   |   Archived Classes
Twitter Feed
Design News Twitter Feed
Like Us on Facebook

Sponsored Content

Technology Marketplace

Copyright © 2015 UBM Canon, A UBM company, All rights reserved. Privacy Policy | Terms of Service