Reference – RAMBO: Leaking Secrets from Air-Gap Computers by Spelling Covert Radio Signals from Computer RAM – Dr. Mordechai Guri https://arxiv.org/abs/2409.02292
Air-gapped systems, which are physically isolated from external networks like the Internet, are considered secure due to their lack of direct or remote communication capabilities. This isolation is crucial in sensitive environments where data privacy is paramount. However, a recent study reveals a new vulnerability that threatens this security.
The research introduces a method allowing attackers to exfiltrate data from air-gapped computers using malware that generates radio signals from the computer’s memory buses (RAM). By encoding sensitive information—such as files, images, and encryption keys—into these signals, attackers can use software-defined radio (SDR) and a simple antenna to intercept and decode the information from a distance. The paper demonstrates that this technique can transmit data at speeds of up to 1000 bits per second.
The study details the design and implementation of this attack, evaluates its effectiveness, and discusses existing related research. It also proposes countermeasures to protect against this novel out-of-band air-gap threat. This breakthrough underscores the need for enhanced security measures even for systems that are physically isolated.
Watch the demo in action – https://youtu.be/BLJcUXd2nyA