AIR-FI is the name of an attack against an air-gapped system that allows a third-party to steal data from a system that’s not connected to any network by generating a Wi-Fi signal with the help of the DDR SDRAM buses.
Compromising air-gapped systems is not an easy task, even for seasoned hackers. The new AIR-FI attack developed by the R&D department of the Cyber Security Research Labs at Ben-Gurion University allows criminals to steal data by generating a Wi-Fi signal in the 2.4 GHz range through the memory buses, which means no dedicated hardware is necessary.
“We show that nearby Wi-Fi capable devices (e.g., smartphones, laptops, IoT devices) can intercept these signals, decode them, and send them to the attacker over the Internet,” said Mordechai Guri, the head of the Cyber Security Research Labs.
“To extract the signals, we utilize the physical layer information exposed by the Wi-Fi chips,” Guri said. “We implement the transmitter and receiver and discuss design considerations and implementation details. We evaluate this covert channel in terms of bandwidth and distance and present a set of countermeasures. Our evaluation shows that data can be exfiltrated from air-gapped computers to nearby Wi-Fi receivers located a distance of several meters away.”
Of course, such actions are only possible if the targeted system is “infected” with the right software through social engineering or contaminated USB drives.
Not surprisingly, this is not the lab’s first discovery in this area. A few months ago, the researchers developed a way to leak data by turning power supplies into speakers. The lab has been doing this kind of research for a long time, developing ways to steal data by using keyboard lights, the HDD led, and even screen brightness changes.