{"id":54912,"date":"2018-03-20T09:00:27","date_gmt":"2018-03-20T01:00:27","guid":{"rendered":"https:\/\/blog.trendmicro.com.tw\/?p=54912"},"modified":"2018-11-18T16:48:19","modified_gmt":"2018-11-18T08:48:19","slug":"%e3%80%8cmosquito-%e8%9a%8a%e5%ad%90%e3%80%8d%e7%99%bc%e5%8b%95%e6%94%bb%e6%93%8a-%e9%9b%bb%e8%85%a6%e5%96%87%e5%8f%ad%e6%b4%a9%e6%bc%8f%e8%b3%87%e6%96%99","status":"publish","type":"post","link":"https:\/\/blog.trendmicro.com.tw\/?p=54912","title":{"rendered":"\u300cMosquito \u868a\u5b50\u300d\u767c\u52d5\u653b\u64ca, \u96fb\u8166\u5587\u53ed\u6d29\u6f0f\u8cc7\u6599"},"content":{"rendered":"<p>\u4ee5\u8272\u5217\u7684\u5167\u84cb\u592b\u672c-\u53e4\u91cc\u5b89\u5927\u5b78 (Ben-Gurion University of the Negev) \u7684\u7814\u7a76\u4eba\u54e1\u6700\u8fd1\u793a\u7bc4\u4e86\u4e00\u7a2e\u4ed6\u5011\u547d\u540d\u70ba\u300c<a href=\"https:\/\/arxiv.org\/pdf\/1803.03422.pdf\">Mosquito<\/a>\u300d(\u868a\u5b50) \u7684\u6982\u5ff5\u9a57\u8b49\u653b\u64ca\uff0c\u5229\u7528\u5587\u53ed\u6216\u8033\u6a5f\u5f9e\u9023\u7db2\u6216\u9694\u96e2\u7684\u96fb\u8166\u5c07\u8cc7\u6599\u5916\u50b3\u3002<\/p>\n<p><a href=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2018\/03\/security-news-headphones.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-54913\" src=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2018\/03\/security-news-headphones.jpg\" alt=\"\" width=\"900\" height=\"627\" srcset=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2018\/03\/security-news-headphones.jpg 900w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2018\/03\/security-news-headphones-300x209.jpg 300w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2018\/03\/security-news-headphones-768x535.jpg 768w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2018\/03\/security-news-headphones-600x418.jpg 600w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2018\/03\/security-news-headphones-30x21.jpg 30w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2018\/03\/security-news-headphones-800x557.jpg 800w\" sizes=\"(max-width: 900px) 100vw, 900px\" \/><\/a><\/p>\n<p>\u9019\u7bc7\u540d\u70ba\u300cMosquito: Covert Ultrasonic Transmissions between Two Air-Gapped Computers using Speaker-to-Speaker Communication\u300d(\u868a\u5b50\uff1a\u5229\u7528\u8d85\u97f3\u6ce2\u8b93\u5169\u53f0\u9694\u96e2\u7684\u96fb\u8166\u7d93\u7531\u5587\u53ed\u5c0d\u5587\u53ed\u7684\u65b9\u5f0f\u6697\u4e2d\u9032\u884c\u901a\u8a0a) \u7684\u7814\u7a76\u5831\u544a\uff0c\u8a73\u7d30\u8aaa\u660e\u4e86\u5982\u4f55\u5229\u7528\u96fb\u8166\u7684\u97f3\u6548\u5b54\u4f86\u6697\u4e2d\u9032\u884c\u8cc7\u6599\u50b3\u8f38\u3002\u9019\u9805\u6280\u5de7\u662f\u5c07\u63a5\u6536\u7aef\u7684\u97f3\u8a0a\u8f38\u51fa\u5b54\u8f49\u63db\u6210\u8f38\u5165\u5b54\uff0c\u7136\u5f8c\u5c07\u5587\u53ed\u7576\u6210\u9ea5\u514b\u98a8\u4f7f\u7528\u3002\u4eca\u65e5\u7684\u97f3\u6548\u6676\u7247\u5927\u591a\u5177\u5099\u63d2\u5b54\u8f49\u63db\u7684\u529f\u80fd\uff0c\u53ea\u9700\u900f\u904e\u8edf\u9ad4\u8a2d\u5b9a\u5c31\u80fd\u9054\u6210\u3002\u91dd\u5c0d\u9019\u9805\u5be6\u9a57\uff0c\u7814\u7a76\u4eba\u54e1\u7279\u5225\u8a2d\u8a08\u4e86\u4e00\u500b\u60e1\u610f\u7a0b\u5f0f\u4f86\u5c07\u5587\u53ed\u6216\u8033\u6a5f\u7576\u6210\u9ea5\u514b\u98a8\u4f7f\u7528\u3002\u5169\u53f0\u6a5f\u5668\u4e4b\u9593\u7684\u8cc7\u6599\u50b3\u8f38\u662f\u900f\u904e\u8d85\u97f3\u6ce2\u4f86\u9032\u884c (\u6700\u9060\u53ef\u9054 \u00a0<a href=\"https:\/\/www.theregister.co.uk\/2018\/03\/12\/turning_speakers_into_covert_listening_devices\/\">9 \u516c\u5c3a<\/a>)\u3002<!--more--><\/p>\n<p>\u9664\u4e86\u9019\u9805\u6280\u5de7\u4e4b\u5916\uff0c\u9019\u7fa4\u7814\u7a76\u4eba\u54e1 (Mordechai Guri\u3001Yosef Solwicz\u3001Andrey Daidakulov \u4ee5\u53ca Yuval Elovici) \u9084\u958b\u767c\u4e86\u5176\u4ed6\u53ef\u5c07\u9694\u96e2\u96fb\u8166\u4e0a\u7684\u8cc7\u6599\u5916\u50b3\u7684\u6280\u5de7\uff0c\u5305\u62ec\uff1a<\/p>\n<ul>\n<li>Odini\uff1a\u5229\u7528 CPU \u6838\u5fc3\u6240\u7522\u751f\u7684\u4f4e\u983b\u78c1\u8a0a\u865f\u3002<\/li>\n<li>Magneto\uff1a\u5229\u7528\u78c1\u8a0a\u865f\u5c07\u8cc7\u6599\u5f9e\u9694\u96e2\u7684\u7cfb\u7d71\u5916\u6d29\u81f3\u9644\u8fd1\u7684\u667a\u6167\u578b\u624b\u6a5f\u3002<\/li>\n<li>LED-it-Go\uff1a\u5728\u9694\u96e2\u7684\u7db2\u8def\u5167\u5229\u7528 LED \u5c07\u8cc7\u6599\u5916\u50b3\u3002<\/li>\n<li>aIR-Jumper\uff1a\u5229\u7528\u7d05\u5916\u7dda LED \u642d\u914d\u76e3\u8996\u651d\u5f71\u6a5f\u8207\u9694\u96e2\u7684\u7db2\u8def\u9032\u884c\u9060\u7aef\u901a\u8a0a\u3002<\/li>\n<li>BitWhisper\uff1a\u5229\u7528\u96fb\u8166 CPU\/GPU \u7684\u6eab\u5ea6\u8b8a\u5316\u5728\u9130\u8fd1\u7684\u5169\u53f0\u9694\u96e2\u7cfb\u7d71\u4e4b\u9593\u9032\u884c\u901a\u8a0a\u3002<\/li>\n<\/ul>\n<p>\u7814\u7a76\u4eba\u54e1\u89e3\u91cb\uff0cMosquito \u4e0d\u9700\u8981\u9ea5\u514b\u98a8\u3002\u4ed6\u5011\u8868\u793a\uff0c\u9019\u5957\u65b9\u6cd5\u7684\u539f\u7406\u662f\u300c\u5229\u7528\u60e1\u610f\u7a0b\u5f0f\u4f86\u8a2d\u5b9a\u97f3\u6548\u6676\u7247\u7684\u529f\u80fd\uff0c\u5c07\u96fb\u8166\u9023\u63a5\u7684\u5587\u53ed\u5f9e\u97f3\u8a0a\u8f38\u51fa\u88dd\u7f6e\u8b8a\u6210\u8f38\u5165\u88dd\u7f6e\u3002\u300d<\/p>\n<p><strong>[TrendLabs \u7814\u7a76\uff1a<\/strong><a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/iot-devices-need-better-builtin-security\/\"><strong>\u6e2c\u8a66\u9023\u7db2\u5587\u53ed\u7684\u5167\u5efa\u5b89\u5168\u6027<\/strong><\/a><strong>]<\/strong><\/p>\n<p><em>\u5f71\u7247\uff1a\u99ed\u5ba2\u5982\u4f55\u900f\u904e\u9023\u7db2\u7684\u5587\u53ed\u4f86\u638c\u63e1\u4f7f\u7528\u8005\u8cc7\u8a0a\u3002<\/em><\/p>\n<p><iframe loading=\"lazy\" src=\"https:\/\/www.youtube.com\/embed\/sSIIEgZrfus\" width=\"560\" height=\"315\" frameborder=\"0\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<p>Mosquito \u653b\u64ca\u76ee\u524d\u96d6\u7136\u9084\u5728\u5be6\u9a57\u968e\u6bb5\uff0c\u4f46\u537b\u4e5f\u8b49\u660e\u4e86\u6c92\u6709\u4efb\u4f55\u5e73\u53f0\u6216\u88dd\u7f6e\u80fd\u5920\u514d\u65bc\u8cc7\u5b89\u5371\u96aa\uff0c\u5c24\u5176\u662f\u7269\u806f\u7db2 (IoT) \u88dd\u7f6e\u3002\u5118\u7ba1\u9019\u4e9b\u88dd\u7f6e\u7684\u65b0\u6280\u8853\u78ba\u5be6\u80fd\u5920\u70ba\u751f\u6d3b\u5e36\u4f86\u4fbf\u5229\uff0c\u4f46\u4e5f\u5b58\u5728\u8457\u4e00\u4e9b\u7cfb\u7d71\u6f0f\u6d1e\u6216\u5f31\u9ede\u53ef\u80fd\u9020\u6210\u500b\u4eba\u6216\u4f01\u696d\u8cc7\u6599\u5916\u6d29\uff0c\u751a\u81f3\u8b93\u6574\u500b\u7db2\u8def\u66b4\u9732\u65bc\u5a01\u8105\u3002<\/p>\n<p>\u8da8\u52e2\u79d1\u6280\u524d\u77bb\u5a01\u8105\u7814\u7a76 (FTR) \u5718\u968a\u7814\u7a76\u54e1 Stephen Hilt \u5c08\u9580\u7814\u7a76 \u00a0<a href=\"https:\/\/documents.trendmicro.com\/assets\/pdf\/The-Sound-of-a-Targeted-Attack.pdf\">IoT \u5587\u53ed\u7684\u5b89\u5168\u6027<\/a>\uff0c\u4ed6\u767c\u73fe\u5e02\u9762\u4e0a\u5169\u500b\u77e5\u540d\u54c1\u724c\u7684\u5587\u53ed\u6709\u5916\u6d29\u4f7f\u7528\u8005\u8cc7\u6599\u53ca\u5176\u4ed6\u8cc7\u8a0a\u7684\u53ef\u80fd\u6027\uff0c\u99ed\u5ba2\u53ef\u80fd\u5229\u7528\u9019\u4e9b\u8cc7\u6599\u4f86\u767c\u52d5\u9032\u4e00\u6b65\u653b\u64ca\u3002\u6b64\u5916\uff0c\u9084\u6709\u53e6\u4e00\u500b\u554f\u984c\u662f\u958b\u653e\u7684\u9023\u63a5\u57e0\uff0c\u53ef\u8b93\u99ed\u5ba2\u7d93\u7531\u7db2\u8def\u5b58\u53d6\u88dd\u7f6e\u548c\u4f7f\u7528\u8005\u8cc7\u8a0a\u3002\u9019\u4e9b\u88dd\u7f6e\u5982\u679c\u7528\u5728\u5de5\u4f5c\u5834\u6240\uff0c\u90a3\u8cc7\u5b89\u7684\u98a8\u96aa\u548c\u554f\u984c\u5c07\u66f4\u52a0\u56b4\u91cd\u3002<\/p>\n<p>\u7684\u78ba\uff0c\u4e0a\u8ff0\u5169\u9805\u7814\u7a76\u5df2\u7d93\u660e\u78ba\u544a\u8a34\u6211\u5011\u70ba\u4f55\u5b89\u5168\u6027\u5fc5\u9808\u4e00\u958b\u59cb\u5c31\u5c0e\u5165\u8a2d\u8a08\u7576\u4e2d\uff0c\u4e0d\u80fd\u4e8b\u5f8c\u624d\u60f3\u5230\uff0c\u66f4\u4f55\u6cc1\u5728\u4eca\u65e5\u7684\u60c5\u52e2\u4e4b\u4e0b\uff0c\u00a0<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=53709\">\u65b0\u7684\u5a01\u8105\u5f88\u5feb\u5c31\u6703\u6210\u70ba\u4e3b\u6d41<\/a>\u3002\u96a8\u8457\u00a0<a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/definition\/eu-general-data-protection-regulation-gdpr\">\u6b50\u76df\u901a\u7528\u8cc7\u6599\u4fdd\u8b77\u6cd5 (GDPR)<\/a>\u00a0 \u5373\u5c07\u4e0a\u8def\uff0c\u5f9e\u4f7f\u7528\u8005\u3001\u4f01\u696d\u3001\u7db2\u8def\u670d\u52d9\u4f9b\u61c9\u5546\uff0c\u5230 \u00a0<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/internet-things-ecosystem-broken-fix\/\">OEM \u88fd\u9020\u5546<\/a>\u00a0\u90fd\u61c9\u63a1\u53d6\u4e00\u5957\u4e3b\u52d5\u4e14\u591a\u5c64\u5f0f\u7684\u8cc7\u5b89\u65b9\u6cd5\u3002<\/p>\n<p>&nbsp;<\/p>\n<p>\u539f\u6587\u51fa\u8655\uff1a<a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/vulnerabilities-and-exploits\/mosquito-attack-shows-how-malware-can-exfiltrate-data-via-pc-speakers\">&#8216;Mosquito&#8217; Attack Shows How Malware Can Exfiltrate Data via PC Speakers<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u4ee5\u8272\u5217\u7684\u5167\u84cb\u592b\u672c-\u53e4\u91cc\u5b89\u5927\u5b78 (Ben-Gurion University of the Negev) \u7684\u7814\u7a76 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wpscppro_dont_share_socialmedia":false,"_wpscppro_custom_social_share_image":0,"_facebook_share_type":"","_twitter_share_type":"","_linkedin_share_type":"","_pinterest_share_type":"","_linkedin_share_type_page":"","_instagram_share_type":"","_medium_share_type":"","_threads_share_type":"","_google_business_share_type":"","_selected_social_profile":[],"_wpsp_enable_custom_social_template":false,"_wpsp_social_scheduling":{"enabled":false,"datetime":null,"platforms":[],"status":"template_only","dateOption":"today","timeOption":"now","customDays":"","customHours":"","customDate":"","customTime":"","schedulingType":"absolute"},"_wpsp_active_default_template":true},"categories":[1723,1335,3654,156],"tags":[1599,3794,2292,1593,3793],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/54912"}],"collection":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=54912"}],"version-history":[{"count":0,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/54912\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=54912"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=54912"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=54912"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}