"COVID-bit: New Covert Channel to Exfiltrate Data from Air-Gapped Computers"

An unusual data exfiltration method uses a previously unknown covert channel to leak sensitive data from air-gapped systems. According to Dr. Mordechai Guri, the head of R&D in the Cyber Security Research Center at Ben Gurion University of the Negev in Israel and the head of the Offensive-Defensive Cyber Research Lab, the information is exfiltrated from the air-gapped computer over the air to a distance of 2 m and more. A nearby insider or spy can pick up the data with a mobile phone or laptop. The method, called COVID-bit, uses malware installed on the machine to generate electromagnetic radiation in the 0-60 kHz frequency band, which is then transmitted and picked up by a stealthy receiving device in close physical proximity. This is made possible by utilizing modern computers' dynamic power consumption and manipulating the momentary loads on CPU cores. COVID-bit is the fourth technique Dr. Guri has developed this year, following SATAn, GAIROSCOPE, and ETHERLED, all of which are designed to jump over air gaps and harvest confidential data. Despite their high level of isolation, air-gapped networks can be compromised by a variety of strategies, such as infected USB drives, supply chain attacks, and rogue insiders. However, because these networks lack Internet connectivity, exfiltrating data after breaching them is difficult, so attackers must devise special methods to deliver the information. COVID-bit is one such covert channel: malware uses it to transmit information through electromagnetic emissions from a component known as a Switched-Mode Power Supply (SMPS), encoding the binary data using a mechanism called Frequency-Shift Keying (FSK). This article continues to discuss the new COVID-bit data exfiltration method.

THN reports "COVID-bit: New Covert Channel to Exfiltrate Data from Air-Gapped Computers"

Submitted by Anonymous on