HOME  |  NEWS  |  BLOGS  |  MESSAGES  |  FEATURES  |  VIDEOS  |  WEBINARS  |  INDUSTRIES  |  FOCUS ON FUNDAMENTALS
  |  REGISTER  |  LOGIN  |  HELP
Blogs
Blog

Malware That’s Transmitted Through Sound

NO RATINGS
View Comments: Oldest First|Newest First|Threaded View
Page 1/3  >  >>
Elizabeth M
User Rank
Blogger
New Threat
Elizabeth M   12/18/2013 8:54:56 AM
NO RATINGS
Well this is fascinating technology but we don't really need another way for malware to be transmitted, do we? It's good to know people don't have to worry about this quite yet nor that much data can be transmitted this way. But who knows what can happen if a clever hacker gets ahold of it and messes with the code.

Nancy Golden
User Rank
Platinum
Re: New Threat
Nancy Golden   12/18/2013 9:52:25 AM
NO RATINGS
I agree, Elizabeth. It puzzles me as to so much time, money, and energy being directed at developing something that seems to say - yes - this can be done. As with any malicious software - the nature of the beast must be known in order to institute countermeasures but was it really necessary to conduct all of that research and develop their own algorithm? Now hackers are aware of audio possibilities they may have not considered before.

78RPM
User Rank
Gold
Re: New Threat
78RPM   12/18/2013 12:38:18 PM
NO RATINGS
I'm taking the Digi-Key Design News class this week on SCADA Security. The instructor Clint Bodungen states that by the time a vulnerability goes public, it has already been in circulation. Publicity is important because it lets the "good guys" know about possible attacks from the "bad guys."

Nancy Golden
User Rank
Platinum
Re: New Threat
Nancy Golden   12/18/2013 12:45:37 PM
NO RATINGS
That is a very good point 78RPM - I am just wondering what justified a full blown effort at developing malware when as they have stated, "However, the scientists have divulged several counter measures that can be put into place to nullify acoustical intrusions, with one being simply to shut off the PCs audio input/output devices. Another method is to install audio filters that are capable of blocking certain high frequency ranges that are used to transmit covert data."

It seems to me that developing countermeasures against known audio technology would not require creating malicious code to test it - audio sent at different frequencies could have provided the same stimulus.

Charles Murray
User Rank
Blogger
More solutions needed
Charles Murray   12/18/2013 6:20:03 PM
NO RATINGS
I have no objection to studies being done on this, I just wish the studies had included more ways of addressing the problem. Shutting down the audio input/output of the computer isn't a solution. I'd like to hear more about the audio filters they mentioned. As it stands now, we've verified that there is a potential problem, thus providing malicious new ideas for hackers who weren't already aware of it, but we're admitting we don't really know much about the solution. This seems wrong. As 78RPM points out, if the vulnerability is public, circulation of the problem can't be far behind.

marswalker
User Rank
Iron
Re: New Threat
marswalker   12/19/2013 9:35:12 AM
NO RATINGS
Perhaps not so new?  Though there has been a lot of speculation that "it couldn't possibly be real", BadBIOS is reported to use exactly this kind of vulnerability to re-infect machines while they are being "cleaned" by antivirus software, etc.

brhans
User Rank
Iron
Its all hype
brhans   12/19/2013 9:37:17 AM
I can't imagine how this could ever be a serious vulnerability. In order for the receiving device to be even the tiniest bit succeptible to infection it first needs to be actually listening (which most devices are not) and then even if it were listening, it would need to be doing so in such a way as to make the sound 'information' received executable as code.

The only way this would ever work is if the receiving device already has some sort of software (malware) installed and running to allow this - and if this is already pre-installed, then you've already been infected by more conventional means.

All these 'researchers' have really done is build themselves an acoustic modem which annoys dogs. Acoustic modems in various forms have been around for decades. Whether or not it can successfuly be used to transmit 'malware' is entirely dependant on what is on the receiving end listening. Even the most virulent malware will hit a dead end if it falls on deaf ears.

Its just a communications medium, not a particularly novel or useful one, and doesn't deserve the hype from trying to associate it with malware.

Elizabeth M
User Rank
Blogger
Re: New Threat
Elizabeth M   12/19/2013 10:10:05 AM
NO RATINGS
Wow, so this threat is already being exploited it seems, if what you say is true, marswalker.

Elizabeth M
User Rank
Blogger
Re: New Threat
Elizabeth M   12/19/2013 10:29:34 AM
NO RATINGS
So as another reader pointed out, then, 78RPM, these sound-based malware threats are already out there and being exploited. What can be done now?

marswalker
User Rank
Iron
Re: New Threat
marswalker   12/19/2013 10:39:04 AM
NO RATINGS
Here is the article I read this about on at the end of summer: http://www.infosecurity-magazine.com/view/35661/badbios-the-god-of-malware/

Page 1/3  >  >>
Partner Zone
More Blogs
Hacking has a long history in the movies, beginning with Tron and War Games and continuing through The Girl with the Dragon Tattoo.
In a line of ultra-futuristic projects, DARPA is developing a brain microchip that will help heal the bodies and minds of soldiers. A final product is far off, but preliminary chips are already being tested.
New manufacturing is changing more than just the plant floor. It's changing how manufacturers do business.
Venture capital guru Steve Vassallo looks for companies that think about design, not just technology for technology's sake.
In this TED presentation, Wayne Cotter, a computer engineer turned standup comic, explains why engineers are natural comedians.
Design News Webinar Series
9/10/2014 11:00 a.m. California / 2:00 p.m. New York
7/23/2014 11:00 a.m. California / 2:00 p.m. New York
7/17/2014 11:00 a.m. California / 2:00 p.m. New York
6/25/2014 11:00 a.m. California / 2:00 p.m. New York
Quick Poll
The Continuing Education Center offers engineers an entirely new way to get the education they need to formulate next-generation solutions.
Sep 22 - 26, MCU Software Development – A Step-by-Step Guide (Using a Real Eval Board)
SEMESTERS: 1  |  2  |  3  |  4  |  5  |  6


Focus on Fundamentals consists of 45-minute on-line classes that cover a host of technologies. You learn without leaving the comfort of your desk. All classes are taught by subject-matter experts and all are archived. So if you can't attend live, attend at your convenience.
Next Class: September 30 - October 2
Sponsored by Altera
Learn More   |   Login   |   Archived Classes
Twitter Feed
Design News Twitter Feed
Like Us on Facebook

Sponsored Content

Technology Marketplace

Copyright © 2014 UBM Canon, A UBM company, All rights reserved. Privacy Policy | Terms of Service