Researchers from the University of Israel have created malware that can use the hard-drive LED to send data from an infected computer to a nearby camera. It sounds like a scenario from a James Bond movie, but it is now a reality. The malware code can be executed without admin permissions, and it makes the HDD LED flicker at regular intervals. These LED flickers are captured by a nearby camera, and the recorded video is transferred to a special computer for analysis. An LED that is turned OFF represents a binary zero, while an LED that is turned ON represents a binary one. In this way, the data on the infected computer is broken down into ones and zeros. This type of malware is capable of stealing multiple types of data, including personal credentials such as usernames and passwords, all kinds of logged keystrokes, encryption keys and so on. It is interesting that the attack can use all kinds of camera devices, such as phones, CCTV, surveillance cameras, drones and so on.
In the research, various camera types and HDD LEDs of multiple colors were tested. The tests revealed that photodiode sensors are the best system for capturing the LED light, with a data acquisition capacity that reaches a maximum bandwidth of 4,000 bits per second. Across the tests, multiple different cameras were used, including GoPro cameras, entry-level DSLR cameras, smartphone cameras, HD cameras and even Google Glass spectacles. The average data acquisition bandwidth was 15 bits per second, while the GoPro managed to reach speeds of up to 120 bits per second. HDD LEDs of multiple colors, such as red, blue and white, were also used, of which the blue LED produced the strongest optical signals.
So, the maximum exfiltration speed is 4,000 bits per second, hence the theft of large files is also possible. It is routine for an HDD LED to blink, and an increase in its blinking frequency is not suspicious to the user. The malware also deceives the victim by blinking the LED so frequently that, to the naked eye, it looks like the LED is blinking constantly. A human operator will definitely ignore the constant blinking anyway.
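What the eye misses, timing analysis can pick up: if OFF is 0 and ON is 1 and the LED is keyed at regular intervals, every ON/OFF run lasts a whole number of bit periods, which ordinary disk activity does not. The following is an added detection sketch, not code from the researchers; it assumes a normalized brightness trace from a sensor watching the LED, and the function names, thresholds and sample traces are constructed for illustration.

```python
from itertools import groupby
from statistics import mean, median

def run_lengths(trace, threshold=0.5):
    """Collapse a brightness trace (samples in 0.0-1.0) into ON/OFF run lengths."""
    states = [s >= threshold for s in trace]
    runs = [len(list(grp)) for _, grp in groupby(states)]
    return runs[1:-1]  # first and last runs are cut off by the capture window

def clock_fit(runs, min_unit=3, min_runs=12):
    """Return (unit, score): the estimated bit period in samples and the mean
    distance of each run from a whole number of bit periods (0 = perfect grid,
    roughly 0.25 = no common clock). Returns None when it cannot be judged."""
    if len(runs) < min_runs:
        return None
    shortest = min(runs)
    # Shortest runs are single bits; take their median to absorb jitter.
    unit = median([r for r in runs if r < 1.5 * shortest])
    if unit < min_unit:
        return None  # sampled too coarsely to tell a clock from noise
    score = mean([abs(r / unit - round(r / unit)) for r in runs])
    return unit, score

def looks_modulated(trace, max_score=0.12):
    """Flag traces whose run lengths sit on a fixed-period grid (assumed threshold)."""
    fit = clock_fit(run_lengths(trace))
    return fit is not None and fit[1] <= max_score

def render(runs, first_state=1):
    """Build a constructed trace from run lengths, alternating ON and OFF."""
    trace, state = [], first_state
    for n in runs:
        trace += [float(state)] * n
        state ^= 1
    return trace

# Constructed sample 1: keyed LED, 10-sample bit period with +/-1 sample jitter.
KEYED = render([4, 10, 9, 21, 10, 30, 11, 10, 19, 9, 10, 40, 11, 20, 10, 7])
# Constructed sample 2: ordinary bursty disk activity with no common period.
BURSTY = render([5, 7, 23, 4, 41, 13, 9, 31, 6, 17, 11, 27, 6, 38, 8])

if __name__ == "__main__":
    for name, trace in (("keyed", KEYED), ("bursty", BURSTY)):
        print(name, clock_fit(run_lengths(trace)), looks_modulated(trace))
```

The sensor has to sample several times per bit period for the fit to mean anything, which is why traces with a shortest run under `min_unit` samples are reported as undecidable rather than clean.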
The use of HDD LED flickers will be extremely effective for data theft from PCs that do not have internet connectivity. Air-gapped systems that store sensitive information could be its prime target. If such a system comes within range of any kind of camera, it is very easy to disguise the attack.