MOSQUITO is new technique devised by a team of researchers at Israel’s Ben Gurion University, led by the expert Mordechai Guri, to exfiltrate data from an air-gapped network.
The technique leverage connected speakers (passive speakers, headphones, or earphones) to acquire the sound from surrounding environment by exploiting a specific audio chip feature.
The MOSQUITO technique establishes a covert ultrasonic transmission between two air-gapped computers using speaker-to-speaker communication.
“In this paper, we show how two (or more) airgapped computers in the same room, equipped with passive speakers, headphones, or earphones can covertly exchange data
via ultrasonic waves.” reads the research paper.
“Microphones are not required. Our method is based on the capability of a malware to exploit a specific audio chip feature in order to reverse the connected speakers from output devices into input devices.”
The experts rely on the way speakers/headphones/earphones respond to the near-ultrasonic range (18kHz to 24kHz) to exploit the hardware that can be reversed to perform as microphones.
The Israeli team tested the MOSQUITO technique with different equipment at
various distances and transmission speeds.
The technique is stealth, two computers exchange data via audible sounds using speakers and headphones making impossible to discover it.
The experts shared two video proof-of-concept videos that show two air-gap computers in the environment that were infected with a malicious code developed by the experts.
To read the original article: