Because most modern computers, especially
laptops, have built-in microphones and speakers, air-gap malware can be designed to communicate secure information acoustically, at frequencies near or beyond the limit of human hearing. The technique is limited to computers in close physical proximity (about The physical proximity limit can be overcome by creating an acoustically linked
mesh network, but is only effective if the mesh network ultimately has a traditional
Ethernet connection to the outside world by which the secure information can be removed from the secure facility. In 2014, researchers introduced ″AirHopper″, a bifurcated attack pattern showing the feasibility of
data exfiltration from an isolated computer to a nearby
mobile phone, using
FM frequency signals. In 2015, "HELLONE", a covert signaling channel between air-gapped computers using thermal manipulations, was introduced. "BitWhisper" supports bidirectional communication and requires no additional dedicated peripheral hardware. Later in 2015, researchers introduced "GSMem", a method for exfiltrating data from air-gapped computers over
cellular frequencies. The transmission - generated by a standard internal bus - renders the computer into a small cellular transmitter antenna. In 2016, researchers categorized various "out-of-band covert channels" (OOB-CCs), which are malware communication channels that require no specialized hardware at the transmitter or receiver. OOB-CCs are not as high-bandwidth as conventional radio-frequency channels; however, they are capable of leaking sensitive information that require low data rates to communicate (e.g., text, recorded audio, cryptographic key material). In 2020, researchers of
ESET Research reported
Ramsay Malware, a cyber espionage framework and toolkit that collects and steals sensitive documents like Word documents from systems on air-gapped networks. == See also ==