Skip to Main Content
PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.

Researcher Exploits Power Supply to Transmit, Steal Data From a PC

A researcher in Israel devised the attack as a way to steal data from 'air gapped' PCs, or computers that have been sectioned off from the internet.

By Michael Kan
December 12, 2022

A security researcher has developed a way to pluck data from a highly guarded PC by manipulating the hardware’s power supply to generate radio waves and secretly transmit the stolen data to a nearby smartphone. 

The research comes from Mordechai Guri at Israel’s Ben-Gurion University of the Negev. Over the years, Guri has helped devise numerous ways to exfiltrate data from air-gapped PCs, or highly protected computers that are deliberately isolated from the internet. 

In a new research paper, Guri shows that it’s possible to use malware to rig a PC’s power supply to transmit data from the computer, such as documents, keystrokes, and passwords. The reason is that a power supply can generate radio signals in the low-frequency band between 0 to 60kHz, which can be decoded. 

“By regulating the workload of the CPU, it is possible to govern its power consumption and hence control the momentary switching frequency of the SMPS (switch-mode power supplies),” he writes in his paper. “The electromagnetic radiation generated by this intentional process can be received from a distance using appropriate antennas.”

The attack transmitting data through a wall.
(Credit: Mordechai Guri)

Guri found the ensuing signals can be transmitted over the air, and even through walls, at a distance of up to 2 meters (6.5 feet) for a desktop PC. For a laptop, the distance was at 1 meter. A smartphone could then be modified to pick up the signals, turning the attack into a devious way to loot data from an air-gapped PC.

Guri demonstrates the technique in a video that shows a PC transmitting logged keystrokes through the power supply to a smartphone directly behind a wall. According to his paper, the manipulated power supply was capable of generating up to 1,000 bits per second. 

Of course, delivering the attack to an air-gapped computer isn't easy. But Guri says that a spy or rogue employee could do so through malware installed on a USB drive. Once the malware infects, it can manipulate the PSU since the exploit requires no system privileges. 

“Notably, the attack is highly evasive since it executes from an ordinary user-level process, does not require root privileges, and is effective even within a Virtual Machine,” Guri says.

The attack was built on previous research from Guri, who’s shown that various components to a PC can be exploited to transmit data. This includes using a monitor’s screen brightness or the noise from a computer’s hard drive to transmit stolen information. 

Guri has named this latest attack “COVID-bit.” But he notes an easy way to counteract the attack is to simply ban smartphones from being used around the air-gapped computer.

Like What You're Reading?

Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.


Thanks for signing up!

Your subscription has been confirmed. Keep an eye on your inbox!

Sign up for other newsletters

TRENDING

About Michael Kan

Senior Reporter

I've been with PCMag since October 2017, covering a wide range of topics, including consumer electronics, cybersecurity, social media, networking, and gaming. Prior to working at PCMag, I was a foreign correspondent in Beijing for over five years, covering the tech scene in Asia.

Read Michael's full bio

Read the latest from Michael Kan