A groundbreaking side-channel attack has been uncovered, exploiting radio signals from a device’s RAM as a data exfiltration method, putting air-gapped networks at risk.
The innovative technique has been named RAMBO by Dr. Mordechai Guri from Ben Gurion University, Israel, a leading expert in offensive cyber research.
“Malware can use software-generated radio signals to encode and transmit sensitive information like files, images, keylogs, biometric data, and encryption keys,” Dr. Guri explained in his latest research paper.
Dr. Guri further elaborated, “By employing software-defined radio hardware and a simple antenna, attackers can intercept raw radio signals from a distance, decode them, and convert them back into binary data.”
Dr. Guri has previously devised various methods to extract confidential data from isolated networks, such as leveraging Serial ATA cables (SATAn), MEMS gyroscopes (GAIROSCOPE), LEDs on network cards (ETHERLED), and dynamic power consumption (COVID-bit).
Other unconventional approaches include leaking data through covert acoustic signals from GPU fans (GPU-FAN), ultrasonic waves from motherboard buzzers (EL-GRILLO), and even printer display panels and LEDs (PrinterLeak).
Last year, Dr. Guri showcased AirKeyLogger, a hardwareless radio frequency keylogging attack that utilizes radio emissions from a computer’s power supply to transmit keystroke data to a remote attacker in real-time.