Offline Hacking Explained

OFFLINE HACKING CAN HAPPEN TO YOU EVEN WHEN YOU DON'T HAVE AN INTERNET CONNECTION

Just because you're offline doesn't mean your computer can't be hacked. Although most hacking occurs over the internet, methods ranging from primitive to high-tech allow dedicated hackers to access almost any computer.

Is unplugging your internet connection enough to avoid hackers?

Absolutely Not.

Just because you're offline doesn't mean your computer or smartphone can't be hacked. Chances are high that you are one of the owners of nearly 1,000,000+ computers around the world in which the National Security Agency has implanted software that enables it to enter and alter data in computers even if they are not connected to the internet.

Quantum, this secret technology, relies on a converted channel of radio signals and mobile phones that can be broadcast from up to 12 kilometers distance and send packets of data in milliseconds. In many insane ways, your phone and computer can be hacked - even if they're not connected to the internet.

Hacking is the new spying. And, as we've learned time and time again, both government and private organizations are using cyber-spy programs to gain as much intelligence as they can.

But getting this data can be difficult. In fact, some of the most precious digital information is safeguarded by machines that have no contact with the outside world.

So can this internet-less data be hacked?

Indeed, yes with some support from the exploration of the security firm Kaspersky Lab as well as our very own portion of individual digging, here is an investigation of a portion of the insane technology used to hijack offline computers or smartphones.

Continue Reading →

Sound Waves Offline Hacking Technique

Why Your Business Needs to Analyze Sound Waves?

Theoretically, a computer that's not a physical network, Wi-Fi signal or Bluetooth should be completely inaccessible in a network security method known as an "air-gapped". However, in 2010, security consultant Dragos Ruiu discovered that one of his air-gapped computers had been infected with malicious software that replaced his Basic I/O System (known for "BadBIOS"), the basic software that controls hardware and loads the operating system. Even after he removed the wireless and Bluetooth components, the malware kept reinstalling itself after being wiped. In the end, he discovered the source: high-frequency sound waves inaudible to humans.

The sound is transmitted from one device to another, using the computer's microphone to translate sound waves into data. While Ruiu's claims sounded like science fiction, the method which can transmit data from up to 64 feet away was later proven to work by two German scientists who had been researching (PDF) the topic separately.

It's currently not clear whether affected machines had to have been already infected with malware, for instance through a USB stick, or if the sound waves can directly infect a computer. The virus could potentially be prevented, however, by installing a low pass filter that blocks out high-frequency sounds, the paper states.

Continue Reading →

How Hackers Hacked An Offline Laptop With Air-Gapped Machines

 

The white hat specialists from Tel Aviv University have found a way to steal encryption keys from "safe" air-gapped machines.

The attack was practiced from another room and the computer victim was completely offline, called side-channel trick, it doesn't attempt to extract the encryption by taking advantage of bruteforce attacks. All things considered, specialists caught the electromagnetic waves radiated during the extracting of decryption. In recent times, hackers are aggressively targeting the air-gapped machines, which are considered super-secure. These systems are disconnected from the internet so that a hacker is unable to deploy any attack remotely via internet network or any. 

Do you remember the researchers who used a homemade device called "PITA" to steal keys and data from your computer or laptop?

That operating system caught the wanderer radio waves discharged by your central processing unit (CPU). Going one step ahead, the same researchers from Tel Aviv University have showcased a way (PDF) to squeeze data from such "safe" air-gapped machines. 

So very interesting, the hacked computer was located in a separated room at the hotel. This attack generates the secret decryption keys within few seconds from the target computer located in the other room with the help of their support equipments:

• Antenna
• Amplifiers
• Software-defined radio
• High-end Laptop estimated worth $3,000

The cybersecurity experts claim that with more lab research, the equipment could be simplified. The attack was completely non-intrusive, and the targets were not touched. Known as side-channel attack, it doesn't try to break the encryption by exploiting encryption algorithm weakness or brute force attack. Here, the method used to break the encryption was capturing the electromagnetic waves emitted during the decryption process. 

Our work is generally relevant to backbone process that is painstakingly safeguarded against security attacks, however as we show might be totally open to reasonable actual kind of attack concepts - Laboratory Specialist said.

During the time of getting the confidential information from a computer running GnuPG, the specialists sent a particular encoded message to the victim. Presently, the EM leakage of the victim was estimated over and again to show the information.

The secret key was obtained after studying 66 decryption processes (each lasting 00.05 seconds) in 3.3 seconds.

Right now, such ways of hacking the system are a lot restricted to practice. But, researchers feel that in the not-so-distant future, hackers could use these techniques by making them more accessible and cheaper.

Continue Reading →