Malware comes in many forms, but the xLED malware is one of the most bizarre (and novel) forms of malicious software I've ever heard about. It is capable of infecting a router or switch and then stealing data by flashing the LEDs such devices always have.
According to Bleeping Computer, the xLED malware was created by a team at the Cyber Security Research Center at the Ben-Gurion University of the Negev in Israel. They've had previous success using the LED on a hard drive and a drone to capture the data. But targeting switches and routers allows for much greater data capture because there's many more LEDs over which to transmit.
The data stealing works by firstly infecting the target switch or router with the malware. Once installed, the data theft can be carried out by converting data into a binary format of zeros and ones. Then each LED on the device can transmit a binary digit: turned on for one and off for zero.
Related
- Is Your Router Insecure (and Does Your Router Maker Care)?Is Your Router Insecure (and Does Your Router Maker Care)?
In order to record the data a camera is required. This could be mounted on a drone looking through a window, a bribed security guard setting one up, or a hacked security camera. Much is dependant on the setting and situation.
Recording can also be done using optical sensors, and this apparently gives the best results because it can record the LED light changes at a much higher sampling rate. Combine that with multiple LED lights from which to record on an individual switch/router and the researchers managed to achieve a data stealing rate of 1,000 bits/second per LED.
The most difficult part of allowing this malware to work is installing it on the router or switch in the first place. However, we can't forget this is just a piece of research and not a real attack vector. But it could be in the future, and by identifying it as a potential weakness in a network, manufacturers can think about ways to counter it in case someone does try to deploy this type of malware. Duct tape, perhaps?
'Interland' is designed to help young people make 'smart decisions online.'
It's 'possibly the largest malware campaign found on Google Play,' according to Check Point.
Blockchain, the foundation of digital currencies like Bitcoin, could also come in handy to securely store ride sharing and insurance data, Toyota says.
After getting nailed with a $2.2 million FTC settlement for tracking users, Vizio debuts new XLED-backlit HDR displays to grab your attention.
The watch is a solid, if flawed, vehicle for Android Wear 2.0.
Relax xLED Malware Steals Data Using Router LEDs stories
A hacker broke into systems for the 'US operating region' and stole sensitive user data
Google's machine learning model in Gmail 'selectively delays messages … to perform rigorous phishing analysis.'
Researchers from security firm Check Point said 'hundreds of millions' of devices running media players such as VLC, Kodi, Popcorn Time, and Stremio are at risk.
Emails spoofed to look like they're coming from DocuSign are attempting to trick recipients into opening attached Word documents that contains malware.
A video depicts a test run inside one of the tubes Elon Musk hopes to spread across Los Angeles, offering sleds for cars to bypass congestion on roads overhead.
Numerous hospitals across Britain were affected by the ransomware, requiring them to shut down their IT systems and turn patients away.
Rather than being malicious, this looks like negligence by developers. What's more concerning it it's been on HP systems since 2015.
The 'highly sophisticated' phishing campaign appears to have hit a number of journalists, along with individuals from other industries.
The malware is currently not detected by security suites and uses a valid Apple developer certificate to infect all versions of Mac OS X.
The practice of intercepting messages between Americans and foreigners that mention a terrorism suspect will end.
In the US, most requests come from search warrants and other court orders, although some are made using secret "national security letters."
Palantir will have to pay back wages and the value of stock options to several Asian candidates it passed over for employment, in addition to re-extending job offers.
The hacking group, known variously as Fancy Bear or Pawn Storm, uses sophisticated phishing attempts and targets victims seen as at odds with Russian interests, Trend Micro reports.
Flaws in the routers' firmware could let hackers access configuration settings and execute remote commands. Linksys said it's working on a patch.
37 restaurants confirmed as having malware installed on point of sale equipment and card details stolen between December and March.
It was meant to be joke malware, but the author managed to infect himself, and the game is impossibly hard.
Tax-themed spam emails increased 6,000 percent from December 2016 to February 2017. Here are some common scams to look out for.
Hanging a TV above your fireplace mantle is nothing new, but a new model from Samsung mounts flush with the wall and includes a bezel that looks like an actual picture frame.
It's expected to launch in 2017 as a 10th Anniversary Edition for $1,000.
Samsung Display secures huge order worth billions from its rival.
Final Fantasy XV's Noctis is coming to 'Dissidia NT' on PS4. Finally, a chance to punch him right in the face.
Apple wants to reduce iPhone repair wait times in its stores by letting authorized partners get in on the action.
The proprietary screen repair machines are currently restricted to Apple's own stores, but that's changing in light of possible right to repair laws.
With iOS 11 on iPad Pro, Apple figures out that touch screens are good for laptops, but its improvements don't go far enough.
Bear Grylls's longtime cameraman steps in front of the camera to hunt down and film real monsters in the wild. (And he says he actually got one!)
A deeper look into Apple's WWDC news and Nintendo's newest game.
As promised, Bioware is fixing more 'Mass Effect: Andromeda' problems.
SpaceX's first Air Force mission will be in August, launching the X-37B spaceplane.
'Wonder Woman' is a hit at the movies. These business leaders are wonder women in the business world.
Riders willing to share their journeys with another passenger will get up to 40 percent off their fare when using the Via or Get taxi apps in New York City.
