Stealing Data by Manipulating Screen Brightness
Stealing Data by Manipulating Screen Brightness
February 13, 2020
Popular Mechanics – Dr. Mordechai Guri, head of research and development for the Cyber Security Research Center at Ben-Gurion University, discovered that by exploiting small changes to the RGB values in a PC’s liquid crystal display it’s possible to pull information from someone else’s screen, even if the computer is “air-gapped” (not connected to the internet).
In other words, manipulating the RGB — a color model used in computing to create a wide range of tones from just red, green and blue — or the computer screen’s brightness can create vulnerabilities that hackers can take advantage of with some effort.
“In the proposed modulation, the RGB color component of each pixel is slightly changed,” Dr. Guri explains in a new scientific paper published to the preprint server arXiv. “These changes are invisible since they are relatively small and occur fast, up to the screen refresh rate.
“The small changes in the brightness are invisible to humans but can be recovered from video streams taken by cameras such as a local security camera, smartphone camera or a webcam,” Guri says.
Using recording devices to both access and capture imperceptible data is called display-to-camera communication. It’s a class of hacking that doesn’t really require a computer to be connected to the internet—and in this case, that’s exactly the kind of limitation that the researchers wanted to explore. All that’s needed is surveillance equipment pointed at a computer screen infected with malware.
Malware installed on a compromised computer can modulate sensitive information like encryption keys or passwords inside the brightness of the screen, Guri explains. So this is quite a dangerous hack, as it can all happen right beneath the computer user’s nose.
Read more on the Popular Mechanics website >>