Security Basics mailing list archives
RE: Viral Wiretap?
From: "Andrew Ruef" <jabberwocky () mediasoft net>
Date: Mon, 8 Sep 2003 17:07:10 -0400
I think in order to make it undetected you'd have to figure out a way to make speech to text consume less processor runtime, or people might notice. But once desktop speed gets up to 3-4 ghz in the next ten months, it should be easier. Otherwise standard problems for viral infections and detecting them apply. Andrew Ruef -----Original Message----- From: Dave Falloon [mailto:dave.falloon () analogda com] Sent: Monday, September 08, 2003 1:55 PM To: security-basics () securityfocus com Subject: Viral Wiretap? Hello, This is more of a thought experiment than a problem. I recently read an article in 2600 about remotely operating the microphone on a computer to record what a user is saying. Potentially this could be extended to the following situation: - A virus attacks and arbitrary code running exploit on a machine - it starts up the microphone and runs something similar to RecAll which is used by ham operaters to record traffic that is identified as human voice - As traffic is recorded it is transcribed to text using something similar to the eff's ears program - Then the compressed text is send via the network to different hosts p2p style masking the virus originators identity, then the text could be worked on easily with a home built perl script that grabs any important numbers credit cards, phone numbers, really anything and everything about a person could be found out Think of the sensitive data that would be flowing if this hit your office? An unscrupulous individual could sell your trade secrets to your competition or perhaps blow the doors wide open on your enron-esque embezzlement scheme. Is there anything really stopping something like this from happening? I for one disconnected the mic on my gaming headset, but how many people out there are using the default setup they got from dell including the little built in microphone on your monitor, or where ever it may be? Just some more dire thoughts to get the ulcer working over time. Any comments on the feasibility of this type of bug? Dave Falloon White Hat, Black Hat, Asshat, which h4x0r will get you? ------------------------------------------------------------------------ --- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm ----------------------------------------------------------------------------
Current thread:
- Viral Wiretap? Dave Falloon (Sep 08)
- RE: Viral Wiretap? Andrew Ruef (Sep 08)