![]() So, as the Korean researchers stated themselves, the lack of speed is the downside of this method: In order to exfiltrate larger packets, for example, a 10 KB file, hackers would need at least one hour. While a 2048-bit RSA key could be transmitted in 100 seconds. If they would use the Casper method, the malware could transmit an 8-characters long password in roughly 3 seconds. In their cyberespionage activities, hackers need to exfiltrate data from air-gapped systems. The malware will encode the data to be exfiltrated from the target in binary or Morse code and transmit it through the internal speaker using frequency modulation, achieving an imperceptible ultrasound in a range between 17 kHz and 20 kHz. Also, it can perform keylogging, a more effective method in this case, where the data transmission rate is slow. Once the threat actor successfully installs the malware, it can list the filesystem of the target, find files or file types that match a hardcoded list and make an exfiltration attempt. It was reported as active for more than 5 years.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |