Motherboard: How Hackers Could Wirelessly Bug Your Office

Online magazine Motherboard have recently uploaded a video on YouTube where a reporter interviews white hat hacker Ang Cui. Cui is the inventor of the Funtenna which is software malware that can infect any embedded device, turning it into an improvised RF transmitter. 

As an example of the type of devices the Funtenna can infect, Cui shows how he infected a desktop telephone, as well as a desktop printer. The malware running on the phone causes the phone to transmit an RF signal of the voices heard by the microphone, and the malware running on the printer causes the printer to emit a binary coded transmission of the text being printed. The malware is able to do this by forcing a GPIO, PWM or UART interface on the printer to modulate in a similar way to what is done with the Raspberry Pi FM transmitter project, rpitx. To receive and decode the signal Cui uses a software defined radio and a GNU Radio program.

Ang Cui previously presented his work on Blackhat 2015 and his slides can be found here, and we also show the video of his presentation below in the second video.

How Hackers Could Wirelessly Bug Your Office

How Hackers Could Wirelessly Bug Your Office

Emanate Like A Boss: Generalized Covert Data Exfiltration With Funtenna

Emanate Like A Boss: Generalized Covert Data Exfiltration With Funtenna

4 comments

  1. Giamma

    During my investigations I had observed some cases attributable to this idea. for example, I had observed magnetic fields produced by laptops https://www.youtube.com/watch?v=onO-xwnqv4w, magnetic fields produced by network cards and cabling https://www.youtube.com/watch? v = 0JBPq0-Ww8k. I had played the typical examples of such https://www.youtube.com/watch?v=mqyt75qyj7U oscillator transmitters, https://www.youtube.com/watch?v=kE4eX1GFFzc, https://www.youtube.com / watch? v = dAnxE-6Fj5A and reproduced the experiment with Raspberry https://www.youtube.com/watch?v=WYujpimLVq8.

    I do not exclude that some of these oscillators are transducers and can also receive and you can inject commands like “Tempest”.

  2. Dave, WD8CIV

    “software malware that can infect any embedded device”

    No, I don’t think so. It won’t work on my smart thermostat, or my microwave oven, or my fitness tracker.

    But it does nicely point out a vulnerability in modern smart devices which are more and more often developed using off-the-shelf embedded computer boards running a standardized operating system. Malware that will run on one of those boards can run any any device based on those boards.

Post a comment

You may use the following HTML:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

This site uses Akismet to reduce spam. Learn how your comment data is processed.