October 2, 2022


Software Development

SATAn Turns Hard Drive Cable Into Antenna To Defeat Air-Gapped Security

SATAn Turns Hard Drive Cable Into Antenna To Defeat Air-Gapped Security


It appears to be like [Mordechai Guri]’s lab at Ben-Gurion University is the position where by air-gapped personal computers go to die, or at minimum to give up their secrets and techniques. And this hack utilizing a computer’s SATA cable as an antenna to exfiltrate information is another example of just how several side-channel attacks the typical Computer system will make offered.

The exploit, deliciously designated “SATAn,” relies on the simple fact that the SATA 3. interface employed in a lot of desktops has a bandwidth of 6. Gb/s, this means that manipulating the computer’s IO would make it attainable to transmit facts from an air-gapped machine at all-around 6 GHz. It is a sophisticated exploit, of program, and entails positioning a transmitting program on the target device utilizing the common procedures, this sort of as phishing or zero-day exploits. Once in area, the transmitting program utilizes a mixture of read through and create operations on the SATA disk to make RF alerts that encode the data to be exfiltrated, with the details traces inside the SATA cable performing as antennae.

SATAn is demonstrated in action in the video clip under. It will take a though to transmit just a several bytes of details, and the variety is a lot less than a meter, but that could be sufficient for the exploit to thrive. The check setup takes advantage of an SDR — especially, an ADALM PLUTO — and a laptop, but you can easily imagine a substantially smaller sized deal being designed for a stealthy stroll-by design and style attack. [Mordechai] also presents a probable countermeasure for SATAn, which in essence thrashes the tricky travel to deliver RF noise to mask any produced signals.

Though almost certainly constrained in its functional applications, SATAn is an interesting side-channel assault to insert to [Dr. Guri]’s record of exploits. From optical exfiltration working with safety cameras to turning energy supplies into speakers, the vulnerabilities just retain piling up.


Thanks to [chuckt] for the suggestion.

[via Bleeping Computer]



Supply backlink