Jump to content

New malware able to transmit data through hard drive sounds

Godlygamer23
By Godlygamer23
in Tech News
 Share
Posted

As it stands, malware is very versatile and always changing. Security software has to be constantly updated and improved in order to be effective enough to protect users from anything that might come their way. Well, it looks like we're adding another one to the list. This malware is known as DiskFiltration which is able to use a nearby device to pick up sounds from a hard drive(aka, you need to have a microphone in order for this to actually work, and once that is sensitive enough to pick up hard drive noises coming from your chassis, which is not really possible all the time).

 

From the paper that researchers put information into, they stated this: "Malware installed on a compromised machine can generate acoustic emissions at specific audio frequencies by controlling the movements of the HDD's actuator arm." With the manipulation of the arm that reads/writes data from/to the platters, it's been shown that a code can be relayed to any malicious devices nearby that are designed to pick up the code in audio form.

 

This is similar to Fansmitter where fans could be used to transmit certain data. But I guess you're protected from it if you have your fans controlled by a fan controller that is not connected to the system in any way except the power supply. I can only see that being used as a marketing term for a pre-built PC someone is trying to sell.

 

That being said, both Fansmitter and DiskFiltration require the machine to already be compromised, and as mentioned at the outset, you also need to have an intercepting device, which I imagine would also need to be compromised already as well, which makes this malware extremely difficult to actually use. Another thing that's very limiting is the amount of data that can be transferred per second, which is only 180 bits per minute. However, it could be used to transfer things like passwords. Since SSDs do not make any rotational noises at all due to how they function, users of SSDs do not have to worry about this malware, although I'm guessing no one really does. But it does show what's possible.

 

You can find the video below with the researchers demonstrating how it works:

 

As for my source:

http://www.sciencealert.com/this-new-hack-makes-your-pc-leak-sensitive-information-via-noises-from-the-hard-drive

 

"It pays to keep an open mind, but not so open your brain falls out." - Carl Sagan.

"I can explain it to you, but I can't understand it for you" - Edward I. Koch

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

That's more something like secret services would use to target very specific people!

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Everyone, quick, switch to SSDs!

 

/s

Project White Lightning (My ITX Gaming PC): Core i5-4690K | CRYORIG H5 Ultimate | ASUS Maximus VII Impact | HyperX Savage 2x8GB DDR3 | Samsung 850 EVO 250GB | WD Black 1TB | Sapphire RX 480 8GB NITRO+ OC | Phanteks Enthoo EVOLV ITX | Corsair AX760 | LG 29UM67 | CM Storm Quickfire Ultimate | Logitech G502 Proteus Spectrum | HyperX Cloud II | Logitech Z333

Benchmark Results: 3DMark Firestrike: 10,528 | SteamVR VR Ready (avg. quality 7.1) | VRMark 7,004 (VR Ready)

 

Other systems I've built:

Core i3-6100 | CM Hyper 212 EVO | MSI H110M ECO | Corsair Vengeance LPX 1x8GB DDR4  | ADATA SP550 120GB | Seagate 500GB | EVGA ACX 2.0 GTX 1050 Ti | Fractal Design Core 1500 | Corsair CX450M

Core i5-4590 | Intel Stock Cooler | Gigabyte GA-H97N-WIFI | HyperX Savage 2x4GB DDR3 | Seagate 500GB | Intel Integrated HD Graphics | Fractal Design Arc Mini R2 | be quiet! Pure Power L8 350W

 

I am not a professional. I am not an expert. I am just a smartass. Don't try and blame me if you break something when acting upon my advice.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

...why are you still reading this?

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
2 minutes ago, ThinkWithPortals said:

Everyone, quick, switch to SSDs!

 

/s

Unless malware can be used to use electrical noise purely to gather data. If it's loud enough anyways.

"It pays to keep an open mind, but not so open your brain falls out." - Carl Sagan.

"I can explain it to you, but I can't understand it for you" - Edward I. Koch

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

another reason to join the SSD masterrace :P

still though, this is absolutely terrifying! how the hell are you going to protect yourself from attacks like these? 

-Phoenix-  -VouwFabriek- -SolidNAS- 

BlackMac Woody Clack Virtuality Lil'Lad Plot-Device Boerderij

all your proteins are belong to us.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
8 minutes ago, Tech_Dreamer said:

**Looks suspiciously at the case**

Mine would be a perfect candidate. The drive bays are so bad you can feel the vibrations by touching the desk. And they're perfectly audiable. That's why I have a HDD mounted on the bottom. The malware can probably make music with the vibrations like some old floppy drive.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
Just now, RollinLower said:

another reason to join the SSD masterrace :P

still though, this is absolutely terrifying! how the hell are you going to protect yourself from attacks like these? 

Considering you need to have two devices compromised(assuming the host machine has no connection to the Internet), and one of them needs to be connected to the Internet, I find it very unlikely for anyone to be affected by the malware.

"It pays to keep an open mind, but not so open your brain falls out." - Carl Sagan.

"I can explain it to you, but I can't understand it for you" - Edward I. Koch

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
Just now, ModuleLFS said:

Mine would be a perfect candidate. The drive bays are so bad you can feel the vibrations by touching the desk. And they're perfectly audiable. That's why I have a HDD mounted on the bottom. The malware can probably make music with the vibrations like some old floppy drive.

A new genre of music consisting strictly of hard drive clicks and platter spins.

"It pays to keep an open mind, but not so open your brain falls out." - Carl Sagan.

"I can explain it to you, but I can't understand it for you" - Edward I. Koch

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
3 minutes ago, RollinLower said:

another reason to join the SSD masterrace :P

still though, this is absolutely terrifying! how the hell are you going to protect yourself from attacks like these? 

Sound insulation? PC in the next room?

Main Gaming Rig:

Spoiler

Core i7-4770, Cryorig M9i Cooler, ASUS B85M GAMER, 8GB HyperX Fury Red 2x4GB 1866MHz, KFA2 GTX 970 Infin8 Black Edition "4GB", 1TB Seagate SSHD, 256GB Crucial m4 SSD, 60GB Corsair SSD for Kerbal and game servers, Thermaltake Core V21 Case, EVGA SuperNOVA 650W G2.

Secondary PC:

Spoiler

i5-2500k OCed, Raijintek Themis, Intel Z77GA-70K, 8GB HyperX Genesis in grey, GTX 750 Ti, Gamemax Falcon case.

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

HDD: Vibrating intensifies 

HDD 2: What's going on buddy?

HDD: THEY ARE STEALING MY SOUL!

DARTH VADER: NOOOOOOOOOOOOOOOOOOOOOOOOOO!

CPU: AMD Ryzen 5 5600X | CPU Cooler: Stock AMD Cooler | Motherboard: Asus ROG STRIX B550-F GAMING (WI-FI) | RAM: Corsair Vengeance LPX 16 GB (2 x 8 GB) DDR4-3000 CL16 | GPU: Nvidia GTX 1060 6GB Zotac Mini | Case: K280 Case | PSU: Cooler Master B600 Power supply | SSD: 1TB  | HDDs: 1x 250GB & 1x 1TB WD Blue | Monitors: 24" Acer S240HLBID + 24" Samsung  | OS: Win 10 Pro

 

Audio: Behringer Q802USB Xenyx 8 Input Mixer |  U-PHORIA UMC204HD | Behringer XM8500 Dynamic Cardioid Vocal Microphone | Sound Blaster Audigy Fx PCI-E card.

 

Home Lab:  Lenovo ThinkCenter M82 ESXi 6.7 | Lenovo M93 Tiny Exchange 2019 | TP-LINK TL-SG1024D 24-Port Gigabit | Cisco ASA 5506 firewall  | Cisco Catalyst 3750 Gigabit Switch | Cisco 2960C-LL | HP MicroServer G8 NAS | Custom built SCCM Server.

 

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

wow so SSDs are now a security measure

Desktop - Corsair 300r i7 4770k H100i MSI 780ti 16GB Vengeance Pro 2400mhz Crucial MX100 512gb Samsung Evo 250gb 2 TB WD Green, AOC Q2770PQU 1440p 27" monitor Laptop Clevo W110er - 11.6" 768p, i5 3230m, 650m GT 2gb, OCZ vertex 4 256gb,  4gb ram, Server: Fractal Define Mini, MSI Z78-G43, Intel G3220, 8GB Corsair Vengeance, 4x 3tb WD Reds in Raid 10, Phone Oppo Reno 10x 256gb , Camera Sony A7iii

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

What the devil how does that even work?! Hard Drive Noises trasmitting data? That sounds incredibly intriguing.

 

But then again am quite intrigued on how we even managed to create a motherboard and give instructions to a motherboard, then somehow make a CPU with more instructions then how to make those instructions to visual/audio. Then ETC AND ETC. 

NEVER GIVE UP. NEVER STOP LEARNING. DONT LET THE PAST HURT YOU. YOU CAN DOOOOO IT

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
7 minutes ago, keNNySOC said:

Next virus gen

 

Transfers your info to there brain

Malware transmits data using brain vibrations xD

hello!

is it me you're looking for?

ᴾC SᴾeCS ᴰoWᴺ ᴮEᴸoW

Spoiler

Desktop: X99-PC

CPU: i7 5820k

Mobo: X99 Deluxe

Cooler: Dark Rock Pro 3

RAM: 32GB DDR4
GPU: GTX 1080

Storage: 1TB 850 Evo, 1TB HDD, bunch of external hard drives
PSU: EVGA G2 750w

Peripherals: Logitech G502, Ducky One 711

Audio: Xonar U7, O2 amplifier (RIP), HD6XX

Monitors: 4k 24" Dell monitor, 1080p 24" Asus monitor

 

Laptop:

-Overkill Dell XPS

Fully maxed out early 2017 Dell XPS 15, GTX 1050 4GB, 7700HQ, 1TB nvme SSD, 32GB RAM, 4k display. 97Whr battery :x 
Dell was having a $600 off sale for the fully specced out model, so I decided to get it :P

 

-Crapbook

Fully specced out early 2013 Macbook "pro" with gt 650m and constant 105c temperature on the CPU (GPU is 80-90C) when doing anything intensive...

A 2013 laptop with a regular sized battery still has better battery life than a 2017 laptop with a massive battery! I think this is a testament to apple's ability at making laptops, or maybe how little CPU technology has improved even 4+ years later (at least, until the recent introduction of 15W 4 core CPUs). Anyway, I'm never going to get a 35W CPU laptop again unless battery technology becomes ~5x better than as it is in 2018.

Apple knows how to make proper consumer-grade laptops (they don't know how to make pro laptops though). I guess this mostly software power efficiency related, but getting a mac makes perfect sense if you want a portable/powerful laptop that can do anything you want it to with great battery life.

 

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Seems kind of dumb.

If you can get into the network in the first place and compromise a system, then you already have complete access to the information. That's just a lot of extra work for no real tangible benefit, it takes longer, and it's more likely to be noticed.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

data rate is simply too slow for this to even be worth it.

CPU: AMD Ryzen 3700x / GPU: Asus Radeon RX 6750XT OC 12GB / RAM: Corsair Vengeance LPX 2x8GB DDR4-3200
MOBO: MSI B450m Gaming Plus / NVME: Corsair MP510 240GB / Case: TT Core v21 / PSU: Seasonic 750W / OS: Win 10 Pro

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
Just now, rattacko123 said:

Malware transmits data using brain vibrations xD

I mean literally brain,they put a database with 2PB of pure SSD's in there brain,put a virus into your PC and start transmitting data from your PC to there brain and then they stole all of your twinkies

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
3 minutes ago, TetraSky said:

data rate is simply too slow for this to even be worth it.

passwords can be transmitted easily through this method due to their low file size

hello!

is it me you're looking for?

ᴾC SᴾeCS ᴰoWᴺ ᴮEᴸoW

Spoiler

Desktop: X99-PC

CPU: i7 5820k

Mobo: X99 Deluxe

Cooler: Dark Rock Pro 3

RAM: 32GB DDR4
GPU: GTX 1080

Storage: 1TB 850 Evo, 1TB HDD, bunch of external hard drives
PSU: EVGA G2 750w

Peripherals: Logitech G502, Ducky One 711

Audio: Xonar U7, O2 amplifier (RIP), HD6XX

Monitors: 4k 24" Dell monitor, 1080p 24" Asus monitor

 

Laptop:

-Overkill Dell XPS

Fully maxed out early 2017 Dell XPS 15, GTX 1050 4GB, 7700HQ, 1TB nvme SSD, 32GB RAM, 4k display. 97Whr battery :x 
Dell was having a $600 off sale for the fully specced out model, so I decided to get it :P

 

-Crapbook

Fully specced out early 2013 Macbook "pro" with gt 650m and constant 105c temperature on the CPU (GPU is 80-90C) when doing anything intensive...

A 2013 laptop with a regular sized battery still has better battery life than a 2017 laptop with a massive battery! I think this is a testament to apple's ability at making laptops, or maybe how little CPU technology has improved even 4+ years later (at least, until the recent introduction of 15W 4 core CPUs). Anyway, I'm never going to get a 35W CPU laptop again unless battery technology becomes ~5x better than as it is in 2018.

Apple knows how to make proper consumer-grade laptops (they don't know how to make pro laptops though). I guess this mostly software power efficiency related, but getting a mac makes perfect sense if you want a portable/powerful laptop that can do anything you want it to with great battery life.

 

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Good thing my PC is basically SSDs now. 

 

Although the drawback is, PC's are becoming so powerful that small malware programs could run and not affect performance.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

At what speeds? 1 bit per second? LOL

And what if there are 2 drives in PC or in the room?

Computer users fall into two groups:
those that do backups
those that have never had a hard drive fail.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Inb4 NSA starts using coil whine to spy on people... Now no one is safe xD 

 

Either that or systemd is forcefully designed to spy on people...

 

/tinfoil hat activated

Your resident osu! player, destroyer of keyboards.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
2 hours ago, Godlygamer23 said:

A new genre of music consisting strictly of hard drive clicks and platter spins.

Remind me of the Floppy drive dude...

 

 

“I like being alone. I have control over my own shit. Therefore, in order to win me over, your presence has to feel better than my solitude. You're not competing with another person, you are competing with my comfort zones.”  - portfolio - twitter - instagram - youtube

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

 

2 hours ago, RollinLower said:

another reason to join the SSD masterrace :P

still though, this is absolutely terrifying! how the hell are you going to protect yourself from attacks like these? 

By dipping your HDD in concrete

USEFUL LINKS:

PSU Tier List F@H stats

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Tech News

×