How can a computer virus be transmitted over the air from machine to machine?

nchristine

I was listening to the radio and heard a report on a new virus that could be transmitted without machines being physically connected. How is this even possible? Is it something to be concerned about at this point?

Topic: Security
Answer this Question

Answers

5 total
StillADotcommer
Vote Up (9)

There is apparently significant and growing skepticism that badBIOS is real. Other researchers have been unable to confirm the original findings. The original researcher, Dragos Riui, stands by it however. Source: http://arstechnica.com/security/2013/11/researcher-skepticism-grows-over...

ttopp
Vote Up (9)

I think what you may be talking about is badBIOS, since I’ve heard/read a few reports about it in the past week. I assume you meant not on a network, since, as the other poster pointed out, computers are often not physically connected to a network or other device, and WiFi (or other wireless connections) as an attack vector is pretty obvious.

 

There is some dispute whether badBIOS is real or not, but the basic concept is that it uses the microphones and speakers to transmit malicious code between machines that are not networked in any way. In fact, contrary to initial reports that an infected machine could infect a clean one have been amended to say that two infected machines can communicate using frequencies that are inaudible to the human ear, sort of like an ultrasonic version of an old school modem. 

 

Here is a fairly thorough article on infoworld about it. 

Carla Manini
Vote Up (8)

What about Wifi? Mobile Telecom Technologies 3G, 4G? The computers are not physically connected if you're using  these technologies yet you can get infected if you are not careful.

jimlynch
Vote Up (6)

Researcher skepticism grows over badBIOS malware claims
http://arstechnica.com/security/2013/11/researcher-skepticism-grows-over...

"Five days after Ars chronicled a security researcher's three-year odyssey investigating a mysterious piece of malware he dubbed badBIOS, some of his peers say they are still unable to reproduce his findings.

"I am getting increasingly skeptical due to the lack of evidence," fellow researcher Arrigo Triulzi told Ars after examining forensic data that Ruiu has turned over. "So either I am not as good as people say or there is really nothing."

nchristine
Vote Up (6)

Hi, and thanks for the responses. I worded my question poorly, I wasn’t thinking about WiFi, 3G, etc as Carla pointed out. It was the badBios malware (or potential malware) that I heard the piece about, I just missed the name. Glad to hear that it probably is not a serious threat. Thanks for the info.

Ask a question

Join Now or Sign In to ask a question.
Public certificate authorities (CAs) are warning that as of Nov. 1 they will reject requests for internal SSL server certificates that don't conform to new internal domain naming and IP address conventions designed to safeguard networks.
European data protection authorities still have questions after meeting with Google, Microsoft and Yahoo about the implementation of a recent ruling that gave European citizens the right to be forgotten by search engines.
An iPhone user has filed a lawsuit for invasion of privacy against Apple, about a week after a Chinese state broadcaster raised security concerns about the device's location-tracking functions.
Handling a software flaw can be messy, both for a security researcher who found it and for the company it affects. But a new set of guidelines aims to make that interaction less mysterious and confrontational.
A hacker group calling itself "Anonymous Kenya" has poked holes at the government's cybersecurity preparedness by hacking two official Twitter accounts.
New guidance from Microsoft researchers suggests that users re-use simple passwords and avoid password management services.
Apple has "inadvertently admitted" to creating a "backdoor" in iOS, according to a post by a forensics scientist, iOS author and ex-hacker.
A critical vulnerability found recently in a popular newsletter plug-in for WordPress is actively being targeted by hackers and was used to compromise an estimated 50,000 sites so far.
Google, Microsoft and Yahoo are meeting with European data protection authorities Thursday to discuss how to implement a recent ruling that gives people the right to have personal information excluded from search results.
Hackers have stolen user contact information, including email addresses and phone numbers, from the website of the European Central Bank and attempted to extort money from the institution.