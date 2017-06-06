Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
Security Communications Data Storage Network Networking Privacy

Malware Uses Router LEDs To Steal Data From Secure Networks (bleepingcomputer.com) 20

Posted by BeauHD from the see-the-light dept.
An anonymous reader writes: Researchers from the Ben-Gurion University of the Negev in Israel have developed malware that when installed on a router or a switch can take control over the device's LEDs and use them to transmit data in a binary format to a nearby attacker, who can capture it using simple video recording equipment. The attack is similar to the LED-it-GO attack developed by the same team, which uses a hard drive's blinking LED to steal data from air-gapped computers. Because routers and switches have many more LEDs than a hard drive, this attack scenario is much more efficient, as it can transmit data at about the same speed, but multiplied by the number of ports/LEDs. Researchers say they were able to steal data by 1000 bits/ per LED, making this the most efficient attack known to date. The attack worked best when coupled with optical sensors, which are capable of sampling LED signals at high rates, enabling data reception at a higher bandwidth than other typical video recording equipment. A video of the attack is available here.

Malware Uses Router LEDs To Steal Data From Secure Networks More | Reply

Malware Uses Router LEDs To Steal Data From Secure Networks

Comments Filter:

  • security of routers (Score:1)

    by Anonymous Coward

    If your routers are insecure enough that someone can sneak in, reprogram them to flash their LEDs and install sensors to pick up the flashing LEDs you have bigger issues.

    • Aside from the 'researchers were looking for publication; not a practical exfiltration strategy' issue; I imagine that it would be most useful in a comparatively complex network where you can't necessarily do anything excessively shady looking over the network interfaces without the risk of being caught by the IDS or similar.

      For your basic "router is what turns the cable into wifi, right?" network setup, sure, this is absurdly perverse: you own the router, just use their own internet connection for whate

      • It seems to me like it's most plausibly useful in a context where you have owned the surveillance network and can point a camera at a router. But then you're limited to whatever data transmission rate you can manage given the limitations of the environment. However, what if you used many pieces of equipment in the DC, and many cameras?

  • Is that like making the Kessel Run in 12 parsecs?

  • inb4 (Score:2)

    by poity ( 465672 )

    entire room wrapped in tape

Slashdot Top Deals

You can't have everything... where would you put it? -- Steven Wright

Close