Experts from Ben Gurion University, specialize in the HACKING OF "AIR-GAPPED" COMPUTER

A technique called PowerHammer can modulate the intensity of the power network by varying the computing load CPU cores. Then simply connect to the power wire to recover the data.
Experts from Ben Gurion University hit again. Specializing in the hacking of "air-gapped" computers, these Israeli researchers have just introduced a new way of sneaking out sensitive information. This time, the data leak is based on the electrical current that powers the machine.

bbcba42024448e2cf99b4ed0426c5d3c.jpg

Indeed, the researchers have created a malware called PowerHammer which - installed in advance on the targeted machine - manages to send a signal through the electrical network that can be captured passively at the power wire or the electrical panel Room. Obviously, there is no question of using powerline online here, it would be too simple and too visible.
A wave generated by the chip
The signal is generated by varying the usage of the CPU cores. As it is one of the most greedy components of a computer, a large computing load increases the electrical intensity. By scheduling periodic changes, researchers are able to create a carrier wave on the power grid. It is then necessary to encode information, which they do by using a frequency modulation algorithm (Frequency Key Shifting)
The signal is captured through an "intensity transformer", a small tool that costs only ten euros and measures the intensity through a coil that reacts to the magnetic field generated by the cable. Then just decode the message to get the information.
Researchers have experimented this method conclusively. The extraction is particularly effective when the sensor is placed on the wire that feeds the computer. An exfiltration rate of up to 1000 bit / s on a PC, 500 bit / s on a server and 20 bit / s on a Raspberry Pi can be achieved. This is enough to steal, for example, a password. or an encryption key.
However, when the sensor is placed at the floor electrical panel, this method allows to pass only a few bits per second. This is quite logical because the panel aggregates the power flows of other devices which generates noise in terms of intensity.
In the past, researchers at Ben Gurion University have devised more than a dozen exfiltration techniques, relying on all types of physical channels: sound, image, electromagnetic waves, heat, etc.

DQmNuF3L71zzxAyJB7Lk37yBqjBRo2uafTAudFDLzsoRV5L.gif

H2
H3
H4
3 columns
2 columns
1 column
Join the conversation now