JMH3143· Microsoft MVP, Microsoft Support Visiting Expert,
Discussion Starter · #1 ·
Malware Can Use Fan Noise to Exfiltrate Data from Air-Gapped SystemsMalicious applications can use the noise emanated by a computer's fan speed to relay information to a nearby recording device and steal data from air-gapped, isolated systems.
Other researchers proved in the past that malware could use low-frequency sounds sent through the computer's speakers to exfiltrate data from targeted systems to a nearby microphone-enabled device.
This particular scenario has been proven feasible over the past years, and because of the likelihood of something like this happening, in environments with tight security, some administrators have removed speakers from air-gapped systems.
Fansmitter, the malware that fiddles with your fan speed
Four researchers from the Ben-Gurion University of the Negev in Israel have created Fansmitter, a piece of malware that takes the above scenario, but instead of speakers, it uses a computer's fans to send data from the infected host.
Because all data is basically a sequence of ones and zeros, the researchers created Fansmitter to take over the computer's fan speed and make it work at two different speeds, corresponding to a binary "1" and a binary "0".
Fansmitter works with CPU, GPU, or chassis-mounted fans, and can be effective from one to four meters away. Researchers consider this a reliable distance up to which a microphone or a smartphone can be left behind to record sounds emanated from the computer.