Malware Steals Data from Computer’s Blinking LEDs

Hey, PC owners, let’s get real. You want all LEDs, all the time. Razer, Alphacool, Cooler Master, Thermaltake: they all know it. LEDs on your keyboard, in your PSU, even in your Razer-branded mug. What could possibly be the downside in turning your desktop setup into a glorified Christmas tree? Take a breath and make sure you’re sitting down: researchers from Ben-Gurion University in Beersheba, Israel has some bad news for you. The team has developed a way of stealing data from PCs by observing the blinking of LED lights, as detailed in a new paper published by Cornell University.

The group from Ben-Gurion’s cybersecurity lab developed the technique as a proof-of-concept for stealing data from an airgapped (i.e. physically isolated from any wired or wireless networking) PC. Malware capable of converting data into an optical stream which can be transmitted to a camera through sequential blinking was planted on the target machine – placed on the third floor of an office building, visible through a window – and a flying drone was piloted into position outside to read the blinking hard drive LED at the front of the PC.

Though, if you’re all about the LEDs on your PC, it’s unlikely that your beloved machine is airgapped anyway, so any malware-fueled theft of your data can be done the old-fashioned way: via an internet connection. Phew!