Devious new cyberattack leaks secrets from LCD screen noise on air-gapped computers

Samsung
(Image credit: Samsung)

If you thought the recent RAMBO side-channel attack was straight out of a James Bond movie, wait until you hear about PIXHELL.

Recently, cybersecurity researchers from Ben-Gurion University of the Negev, Israel, the same group which discovered RAMBO, are now reporting on PIXHELL, a side-channel attack that can exfiltrate sensitive data through the frequencies emitted by - the LCD display.

Apparently, one can force the display to emit a specific frequency in the range between 0-22 kHz. The signals sent that way can then be picked up by nearby devices, such as smartphones, decoded, and read. So, in theory, one could steal passwords and other sensitive data that way.

Attacking air-gapped systems

The attack is obviously a long shot, but with state-sponsored threat actors lurking about, it’s not that hard to imagine spies using it. Since the upload rate is super slow (20 bits per second (bps)), small files and pieces of text is all one can expect to grab. Furthermore, the attacker is required to stand relatively close to the vulnerable device (just a few meters) for the upload to succeed.

The researchers argue that this type of attack can be leveraged against air-gapped systems. Those are computers that are disconnected from networks and the wider internet, in order to prevent any unauthorized access. So, even if a user inadvertently introduces malware (for example, via a compromised USB device), the malware would still have no way to exfiltrate the data, since the computer is disconnected from the internet.

In those scenarios, cybercriminals and state-sponsored actors usually turn to side-channel attacks, in which different physical or behavioral characteristics allow for indirect information leakage. Things like power consumption, timing information, electromagnetic emissions, or even sound, can all be leveraged to extract certain important data.

By analyzing these characteristics, attackers can infer secret data, like encryption keys, without needing to break the encryption itself. Side-channel attacks are often passive, making them difficult to detect.

Via BleepingComputer

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

TOPICS