Sep 25, 2017: Israel’s Ben-Gurion University of the Negev (BGU) researchers have found that security cameras, infected with malware, which are equipped with IR-based night vision, can be hacked through IR LEDs, either to infiltrate a network or to leak out information from the cameras’ network.
Their demontration has been explained in a paper titled “aIR-Jumper: Covert Air-Gap Exfiltration/Infiltration via Security Cameras & Infrared (IR)”. The researchers explained a data exfiltration scenario, whereby malware accesses the surveillance camera in the local network and generates covert IR signals by controlling the cameras’ IR LEDs.
In such a case, binary data can be modulated, encoded, and transmitted as IR pulses which an attacker can detect from a distance. A hacker from a remote place, for example from a a parking lot, in line of sight or even out of line of sight of the cameras, can send covert IR signals using IR LEDs. Once the signals are received by the surveillance camera, malware within the network can intercept the signal and decode command and control (C&C) messages hidden in the video stream.
As a result, the hacker can communicate with malware previously installed through supply chain attacks, malicious insiders, or social engineering.
The researchers implemented a malware prototype and tested it with different types of cameras that can communicate tens to hundreds of meters away from the network under attack. They were able to leak internal data at a bit rate of 20bit/s per camera and were able to deliver commands to the network at bit rate of more than 100bit/s from one camera.
These researchers at Ben-Gurion’s Cyber Security Research Center have earlier shown how disk lights and hard drive noise can be used to steal data. One experiment even focused on using compromised internet-enabled air conditioners to adjust temperatures as a signal to malware on computers on a separate network.
Source: Ben-Gurion University