Home/News/TrojPix Attack Steals Data From Air-Gapped Systems Via Video Cables
The Hacker News2 min read

TrojPix Attack Steals Data From Air-Gapped Systems Via Video Cables

Researchers at Shandong University have demonstrated a new method, dubbed TrojPix, capable of extracting data from air-gapped computer systems. This technique manipulates on-screen pixels to generate faint radio signals emitted by video cables, which can then be decoded by a nearby receiver. The attack relies on the presence of malware already installed on the target machine to initiate the data exfiltration process.

The TrojPix attack operates by subtly altering the pixels displayed on a monitor. These alterations cause the video cable connecting the computer to the display to radiate electromagnetic signals. These signals, though faint, can be captured and interpreted by a receiver within a range of approximately 1 meter. The Shandong University team reported that TrojPix can achieve data transmission speeds of up to 100 bits per second, a rate sufficient for exfiltrating sensitive information.

This breakthrough highlights a significant vulnerability in systems designed to be isolated from external networks for enhanced security. Air-gapped systems are typically used for highly sensitive data, such as classified government information or critical industrial control systems, precisely because they are not connected to the internet or any other network. The TrojPix attack bypasses this isolation by exploiting a physical emission channel.

While the attack requires initial malware infection, which itself poses a significant security hurdle, the ability to then extract data from a physically isolated machine presents a novel threat vector. The researchers published their findings in a paper detailing the methodology and experimental results, underscoring the need for further research into mitigating such side-channel attacks.

Original source — read the full reporting at the publisher:

Read on The Hacker News

Read next