FX.co ★ Top 5 unusual cyber attacks
Watering hole attack, Fansmitter software
A team of security researchers at Israel's Ben Gurion University has found a unique method that makes it possible to get information from a computer that is not connected to either the World Wide Web or a local network. For this purpose, cybercriminals have special software called Fansmitter. It is simple in principle. Almost all computers use fans to cool the main CPU and the graphics card. They pump air through the chassis. The sound produced by these fans is the result of rotating blades forcing air into the system. This is the basis of the approach. Hackers have created malware that alters the rotation speed of a computer fan, and with it the sound the fan makes, to encode data. The information is then transferred to an external device, for example, a smartphone. This malicious attack is possible at a distance of 4 to 8 m from a PC. The phone detects changes in the noise emitted by the cooling system and decodes them, transmitting the information to a nearby device. This method is considered the most unusual among hacker attacks. However, it has a drawback. If the computer has a passive cooling system, Fansmitter is useless.
Radio-frequency hack, AirHopper software
The radio-frequency hack was also developed by researchers in Israel. They created malware called AirHopper that decodes radio frequencies emitted from a computer that is not connected to the internet, or from its video card, to steal data from an air-gapped machine. Earlier, researchers presented several sophisticated methods for hacking isolated gadgets, but this program can be called the crown of their creation. The main feature of AirHopper is that it can hack almost all gadgets, allowing any mobile device to read electromagnetic radiation coming from the video card using an FM receiver. Apart from that, Israeli scientists are working on a method of obtaining information from any device without installing malware. Previously, they planned to extract data by reading fluctuations in thermal energy with special thermal sensors. The information is supposed to be transmitted to the hackers' devices using the GSMem program. This method is under development.
MouseJack
One of the unusual ways to gain control of a PC is to use a Razer mouse. With its help, hackers can get administrator rights and run any command in PowerShell. A security breach occurs as a result of the autorun of the Razer Synapse script, which opens the utility RazerInstaller.exe with administrator rights. It is difficult to protect computers from these viruses although the latest versions of the Windows system have good built-in protection against various malware. However, when installing the software, attackers have the opportunity to gain full access to the computer. Many hackers tried to deceive Windows Update by faking device IDs and downloading Razer Synapse at the same time. Therefore, concerns have intensified as security experts believe that it is possible to access a PC with administrator rights without Razer gadgets.
Malicious printer driver, PrintNightmare software
Hackers created another non-standard way to steal data and get full control over computers. A newly discovered vulnerability in the Windows Print Spooler service, widely referred to as “PrintNightmare”, allows Remote Code Execution (RCE) on any server or workstation with the Print Spooler service enabled. As a result, hackers can run their code on a system with SYSTEM privileges. Corporate data, as well as information about employees and company developments, is the main target of such attacks. This malicious software is rarely used against ordinary users. PrintNightmare exploits vulnerabilities of the office computer, in particular, remote printing options and the print queue manager. Getting into the system during the installation of printer drivers, the exploit is deeply integrated into it. As a result, PrintNightmare collects all the necessary data, including the usernames and passwords of all users of devices connected to a shared network. PrintNightmare is deemed the most dangerous virus for most corporate computers.
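An added example, not part of the original article: a read-only PowerShell audit of the exposure conditions named above, namely whether the Print Spooler service is enabled and whether printer-driver installation has been loosened by policy. The function name `Get-SpoolerExposure` is hypothetical, and the Point and Print registry value names come from Microsoft's Windows policy settings rather than from this article.

```powershell
# Added example: read-only check, changes nothing on the host.
function Get-SpoolerExposure {
    $findings = [System.Collections.Generic.List[string]]::new()

    # 1. Precondition from the article: is the Print Spooler service enabled?
    $svc = Get-Service -Name Spooler -ErrorAction SilentlyContinue
    if ($null -eq $svc) {
        # Service not installed on this host: nothing to report.
        return [pscustomobject]@{ SpoolerPresent = $false; Findings = @() }
    }
    if ($svc.Status -eq 'Running') {
        $findings.Add('Print Spooler is running')
    }
    if ($svc.StartType -ne 'Disabled') {
        $findings.Add("Print Spooler start type is $($svc.StartType), not Disabled")
    }

    # 2. Point and Print policy: flag only values that are explicitly set
    #    to a weaker state. An absent value is left to the OS default.
    $key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint'
    $pnp = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    if ($null -ne $pnp) {
        if ($pnp.RestrictDriverInstallationToAdministrators -eq 0) {
            $findings.Add('Non-administrators may install printer drivers')
        }
        foreach ($name in 'NoWarningNoElevationOnInstall', 'UpdatePromptSettings') {
            $value = $pnp.$name
            if ($null -ne $value -and $value -ne 0) {
                $findings.Add("$name is $value (expected 0 or not configured)")
            }
        }
    }

    [pscustomobject]@{
        SpoolerPresent = $true
        Findings       = $findings.ToArray()
    }
}

# Print one line per finding; an empty list means no exposure was detected.
(Get-SpoolerExposure).Findings
```

On hosts that do not print, such as domain controllers, a running Spooler service is the finding to act on first.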
Hack using hard drives
Security researcher Alfredo Ortega has shown that a hard disk drive (HDD) can be used as a rudimentary microphone to pick up nearby sounds. Sounds or nearby vibrations are mechanical waves that cause HDD platters to vibrate. He created software capable of detecting any vibrations coming from the hard disk platters. The software recognizes ambient sounds that cause the drive platters to vibrate by measuring the read-write delays that these vibrations cause. These read-write delays enable researchers to reconstruct the sound or vibration waves picked up by the HDD platter. After processing these delays, the original sound is recreated. As a result, the hard disk acts as a microphone but with a weak recording level. The disadvantage of this method is the inability to decipher the entire frequency range. For example, the hard drive does not perceive high tones, while low-frequency sound in the range of up to 1,000 Hz can be recognized perfectly. These types of attacks can result in the hard drive stopping any read-write operations (DoS, Denial of Service) or in physical damage to the device, as well as in the recording of any activity near the PC.