Researchers find that ‘badBIOS’ PC virus spreads through the microphone audio stream

Security researchers have found that PC viruses can be spread to microphones. Over the years, there has been news about viruses spreading through sound medium but no study was conclusive. Now, the researchers Fraunhofer Institute for Communication, Information Processing, and Ergonomics in Germany have proven it is indeed true. They have submitted a proof of concept demonstrating how a PC virus called badBIOS spread through microphones.

The study found out that it’s possible to transmit computer viruses via sound, confirming a controversial suspicion reported earlier this year. However the shocking news is that the malware was mutating into strange, unexpected new forms.

Three years ago Dragos Ruiu, a computer security expert,discovered that several of his computers were infected with some kind of virus – and, even weirder, they were managing to talk to each other even when their Wi-Fi and Bluetooth connections were turned off. Disconnecting the ethernet and power cables didn’t work either. He physically removed the wireless cards from the machine and it didn’t have any effect on stopping the virus.

Unable to find a plausible explanation, Ruiu continued with his own research and in October, submitted his hypothesis.

“This malware would first get onto a computer on an infected USB stick, where it would burrow into the machine’s BIOS (that’s the fundamental program that runs directly off its hardware). It would then take over the computer’s microphone and speakers and communicate with other computers by high-frequency sounds that humans can’t  hear.”

He found out that the badBIOS malware can literally communicate with each other. Ruiu’s finding were not accepted by the larger security researchers community who assumed Ruiu had made some fundamental mistake.

Now Researchers from the Fraunhofer Institute for Communication, Information Processing, and Ergonomics in Germany have now provided some proof-of-concept that the mechanism Ruiu describes is possible. Using a program originally developed for transmitting information acoustically underwater, they managed to get computers exchanging inaudible broadcasts over distances of up to 65 feet, according to their paper in the Journal of Communications.

Importantly, it wasn’t just two computers talking, but also a demonstration of “how the scenario of covert acoustical communication over the air medium can be extended to multi-hop communications and even to wireless mesh networks”. That mesh network, where each computer talks to several others, would explain how Ruiu was unable to completely clear his lab of infected machines – each time he would wipe a machine then turn it back one, it would be infected by at least one of the remaining machines that had yet to be wiped.

The bandwidth of this method is incredibly small, only a few bits per second, which makes this a pretty useless tool for extracting large files from target machines. It would work well as a keylogger, though, noting down usernames and passwords. These could be used to give access for more traditional viruses.

Though the research can explain how it spread, it has not yet been able to confirm how it first infected Ruiu’s computers. Without any previous known infections, that is a big mystery that researchers have to solve.  Till then, the research now proves that is possible to spread a virus, trojan, malware through sound system and microphone.