AirHopper, the malware that infects your corporate network even though you are not connected to the Internet

Seems logical, doesn’t it? If your company has ever warned you that you must tread very carefully when browsing the Internet so that your computer (and sooner or later, every computer in the office) does not get infected with a virus, it would be normal to think that going offline is not a bad (although drastic) alternative.

We are very sorry but you cannot rest easy even if the computer you use at work is not connected to the Internet; it is still vulnerable unless you have an enterprise antivirus solution like Panda Advanced Protection Services.

disconnected-computer

To start, a pen drive can easily replace the Internet for malicious pursuits. Your work computer’s USB port will thereby become your Internet connection, as far as viruses are concerned, as this would be its entrance.

However, USB ports are not your work computer’s only weak spot if you do not have an Internet connection. There are other vulnerabilities that compromise, and greatly, the security of your computer.

One of these vulnerabilities lies in the radio receivers on smartphones and electromagnetic signals, as proven by AirHopper, a malware that can infect a computer and collect data from it without needing it to be online.

Although it sounds complicated, a group of researchers in Israel have proved it in a study: A computer without an Internet connection is also vulnerable. To start, the cyber-crook needs to install AirHopper on the computer. That is undoubtedly the largest hurdle faced by data thieves because unfortunately, the rest is a breeze.

Once AirHopper is installed on the computer, the malware uses the monitor to emit electromagnetic signals whenever a key is pressed. The cyber-criminal, who must be within seven meters of the computer, will need a smartphone with FM radio to receive the data typed on the computer.

According to the researchers, the data can be transmitted from the computer to the cyber-criminal’s smartphone screen at a rate of 13 to 60 bytes per second.

It might not seem like a fast method that downloads large amounts of data but it is fast enough for a cyber-criminal to steal passwords in just 8 seconds or short texts that you type into your work computer.

AirHopper

Fortunately, it is a type of attack that will probably not go beyond being a proof of concept, as in order to carry it out the cyber-criminal needs physical access to the computer in order to infect it, and then needs to be close by in order to receive the data you type on their smartphone. In addition, not all monitors can emit electromagnetic waves that are strong enough.

So now you know; if you want to keep your company secure from these types of threats, request a free demo of Panda Advanced Protection Services and our team of experts will help you with whatever you need.

The post AirHopper, the malware that infects your corporate network even though you are not connected to the Internet appeared first on MediaCenter Panda Security.

Leave a Reply