(ORDO NEWS) — Information security researchers at the Karlsruhe Institute of Technology (KIT) have shown the vulnerability of computers to hacking through conventional indicator LEDs on office equipment. It turned out that laser transceivers are able not only to read information from a PC using indicator LEDs, but also to write malicious code into the memory of computers.
A common indicator LED, for example, on a printer connected to a computer turned out to be a kind of gateway to data on a PC. Moreover, it should be emphasized that this is both an input and an output, since LEDs are capable of not only emitting, but also serving as photodiodes for intense light sources. In an experiment with a PC and a printer, the researchers showed that using only one laser at a distance of 25 meters, without physical or other access to the computer system, data can be retrieved at speeds up to 100 Kbps and downloaded at speeds up to 18.2 Kbps.
Previously, numerous vulnerabilities of isolated computing systems were shown, which were exploited in a contactless way through the vibration of a fan, hard disk, HDD LED, and a number of others. However, in all these cases, as a rule, data was only read and then at very low speeds. German scientists have shown that ordinary LEDs can multiply the speed of secret optical data reading and, moreover, allow the reverse process of writing information to the PC memory.
To prevent detected threats, a special website has been created where you can get acquainted with the details of the hacking technology, including code fragments. The research project is called LaserShark. A preprint of the research article is also available. The report on the discovered vulnerability was made at the 37th Annual Computer Security Application Conference (ACSAC).
Contact us: [email protected]