Strange malware thought to communicate over computer speakers



An in-depth report from Ars Technica highlights a rootkit (a piece of software that typically hides itself deep in an operating system’s Kernel or a computer’s BIOS) that is capable of communicating with nearby computers using a system’s speaker and microphone. Dubbed “badBIOS,” the malware has been plaguing renowned security researcher Dragos Ruiu’s computers for three years. Similar in nature to many other rootkits, badBIOS does its best to prevent users from erasing it, including removing the computer’s ability to boot from a physical disc. Ruiu believes badBIOS represents the first visible stages of a larger attack that can affect Windows, OSX, Linux, and BSD systems. Where it differs is in its ability to communicate with other infected computers even when “airgapped.”



Airgapping refers to a system that’s cut off from anything that could — usually — be utilized for communications. That means removing wireless communication methods like Wi-Fi and Bluetooth, physical network connections, and even the power supply, leaving a battery-powered machine that should be incapable of networking. Ruiu took all the above measures to prevent communications, but even after that the computer was still “acting like it’s connected to the internet.” As far-fetched as it sounds, Ruiu’s research concludes that the infected machines are “talking” to one another through high-frequency soundwaves imperceptible to our ears, using their built-in speakers and microphones.


About Gregory D Evans

Gregory Evans is one of the worlds greatest security consultants. Go to for more details.
This entry was posted in internet safety, Technology and tagged , , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s