"RAM-Generated Wi-Fi Signals Allow Data Exfiltration From Air-Gapped Systems"
Mordechai Guri, the head of R&D at the Ben-Gurion University of the Negev in Israel, recently published a paper detailing a new technique to exfiltrate data from an air-gapped system. Air gapping is a security measure in which a computer or network that contains highly sensitive information is isolated from the Internet or any other internet-connected systems. The new method called AIR-FI involves the installation of malware on a compromised air-gapped system to generate Wi-Fi signals that a smartphone, Internet of Things (IoT) device, or laptop can intercept and send to attackers through the Internet. This technique relies on DDR SDRAM buses to generate these covert Wi-Fi signals. AIR-FI assumes that the adversary has successfully compromised the air-gapped system and collected credentials, documents, files, and other data of interest. According to Guri, this attack method also works on Virtual Machines (VMs). This article continues to discuss the AIR-FI data exfiltration technique and proposed countermeasures against this attack method.
Security Week reports "RAM-Generated Wi-Fi Signals Allow Data Exfiltration From Air-Gapped Systems"