"CASPER Attack Steals Data Using Air-Gapped Computer's Internal Speaker"

Researchers at the School of Cyber Security at Korea University in Seoul have unveiled a new covert channel attack called CASPER that can leak data from air-gapped computers to a neighboring smartphone at a rate of 20bits/sec. The CASPER attack uses the target computer's internal speakers as a data transmission channel to transfer high-frequency audio that the human ear cannot detect, and convey binary or Morse code to a microphone up to 1.5m away. The receiving microphone may be in an attacker's pocket-recording smartphone or a laptop in the same room. Researchers in the past have devised similar attacks using external speakers. However, systems used in critical areas, such as government networks, energy infrastructure, and weapon control systems, that are air-gapped and network-isolated are unlikely to have external speakers. Internal speakers that offer audible feedback, such as boot-up noises, are still deemed necessary. Therefore, their prevalence makes them preferable targets. This article continues to discuss the new CASPER covert channel attack. 

Bleeping Computer reports "CASPER Attack Steals Data Using Air-Gapped Computer's Internal Speaker"