Categories: NewsSecurity

xLED Malware Lets Criminals Exfiltrate Sensitive Information Through Router LEDs

Internet criminals have come up with yet another creative way to steal data from secure corporate networks. This new method revolves around infecting routers and switches with a new type of malware. As a result of such an infection, the malicious software can control the device’s LEDs and use them to transmit information in the binary format. This does require the attacker to be nearby, though, but it is still a troublesome development.

Led-controlling Malware Is Becoming a Problem

It is quite problematic to think of malware which transmits data by controlling the LEDs fading on a modem or network switch. Since these devices constantly display LEDs – which often flicker if traffic is routed through the device – it is quite difficult to determine when something malicious is going on. Moreover, the assailant needs to be close to the infected device to capture this information, which can be done by using off-the-shelf video recording equipment.

It is evident not too many criminals will use this method of attack anytime soon. However, company employees who hold a grudge against the enterprise they work for could certainly use this malware to their advantage. That is, assuming they get their hands on a working sample. For now, this attack vector is merely a proof of concept developed by researchers in Israel. However,  it shows data can be extracted from networks by manipulating LEDs on these devices.

The malware developed for this particular purpose goes by the name of xLED. The malicious software is capable of intercepting particular data passing through a router or network switch. This information is then converted into a binary data stream and rebroadcasted using the LEDs found on the front of said router or switch. It sounds like a complicated way of broadcasting sensitive data, but it is also an inconspicuous method of doing so. Anyone with a clear line of sight can record the LEDs flashing and exfiltrate data from doing so.

Related Post

As is somewhat to be expected, more LEDs on the router or switch will result in more information being transmitted. Various configurations of these devices have been tested, and it turns out data can be exfiltrated at a rate of up to 1000 bits/second per LED. Multiple LEDs will exponentially increase the amount of information broadcasted. Most enterprise-grade routers and switches have at least seven LEDs these days.

One thing to take into account is how assailants will still need to install this malware on the router or switch. That is not all that difficult, as criminals have been quite successful in doing so for quite some time now. It does not appear xLED or any other similar versions of this malware require physical access to the router or switch to be installed. This means a regular malware distribution campaign can be quite useful to infect routers and switches with this type of malware.

Although this is a relatively new threat, it is not the most convenient way to exfiltrate sensitive information from companies by any means. It is a very impractical way of going about things, to say the least. That does not mean criminals will be dissuaded from giving it a try, though, assuming they can gain access to internal security cameras to record the stream of binary information transmitted by the LEDs. Rest assured this type of malware may make the rounds in the coming years, though, as it is an inconspicuous way of stealing sensitive information.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx
Tags: malwarexLED

Recent Posts

Best Altcoins to Invest in Today: Qubetics Sets the Stage for Blockchain’s Future as Bitcoin Hits $108K and Litecoin Soars

The cryptocurrency world has always been a hotbed of innovation, attracting both seasoned investors and…

7 hours ago

Dogecoin Millionaire Predicts This Undervalued Altcoin Could Match DOGE’s 2021 Gains

Dogecoin's 2021 rally was a historic one, turning ordinary investors into overnight millionaires. This magnificent…

8 hours ago

Qubetics Presale Skyrockets to $7.5M as XRP and Arbitrum Lead Best Altcoins for Exponential Returns

The crypto market is always evolving, with big names like Bitcoin and Ethereum leading the…

9 hours ago

Over 300K Users Actively Mine Crypto On BlockDAG’s X1 Miner App While BNB Bulls Eye $3K; What’s XRP’s Price Target?

The crypto market is ablaze with excitement as altcoins like XRP and BNB make major…

9 hours ago

Best Crypto Presale To Buy Now: Rollblock Delivers For Holders With New License, Record Sign Ups and 7000+ Games

Rollblock is quickly becoming the best crypto presale to buy, delivering unmatched value for its…

12 hours ago

Polkadot And Uniswap Gearing For Post-Christmas Jump As Rollblock Raises $7.4 Million in Presale

While Rollblock's continues its crypto presale, with its value increasing regularly, Polkadot (DOT) and Uniswap…

13 hours ago