A cybersecurity expert demonstrated a new way to extract sensitive data from physically isolated computers. To do this, it is enough to use Wi-Fi signals as a covert channel. At the same time, the corresponding hardware component should not be present on the attacking system.
The new attack vector was named ” AIR-FI “, and its principle is based on the installation of a specially designed malicious program in the attacked system. This malware is supposed to generate electromagnetic radiation in the 2.4 GHz Wi-Fi band.
Using this channel, the malware will transmit information, and in the process it can be intercepted and decrypted using Wi-Fi-compatible devices: smartphones, laptops, IoT devices. At the final stage, all data is sent to the attacker’s server.
Expert Mordechai Guri published an article “AIR-FI: Generating Covert Wi-Fi Signals from Air-Gapped Computers” dedicated to a new method of information extraction. According to him, the attack does not require hardware components to interact with Wi-Fi installed on the computers under attack.
