We are constantly being warned of different ways in which our data can be hacked. We have previously done posts on unsecured wireless keyboards and cameras, but now it appears there is another way hackers can gain access to our computers – through active screen snooping!
By exploiting unsecure monitors, hackers can manipulate screens and even spy on you.
Whilst we can agree that you should not always trust everything that you read online, we rarely question what we may see on our computer screen. But the information displayed on the screen may actually be false because it may have been manipulated.
In some cases, hackers will be extracting data without you even knowing it!
Hacking computer monitors
Red Balloon Security has spent two years researching to try and figure out how to hack computer monitors without hacking the actual computer itself.
By exploiting a hacked monitor, the computer pixels can be manipulated by the hacker, and a secure-lock icon can be added by a URL. This means that someone’s bank account balance may be £10 but has been manipulated to show £1,000. It could also change “the status-alert light on a power plant’s control interface from green to red.”
Chief Scientist Dr. Ang Cui and principle research scientist Jatin Katarina of Red Balloon presented “A Monitor Darkly: Reversing and Exploiting Ubiquitous On-Screen- Display Controller in Modern Monitors.” At DEF CON.
In their presentation, it showed how the team figured out how to change pixels on a Dell U2410 monitor as they found out the firmware is not delivered securely. It showed that an attacker can gain access to a monitor via either the HDMI or USB port, causing the monitor to be ‘pwned.’
Another scenario acted like ransomware, in that it refused to let the user get past the message display unless they paid.
Many monitors are reportedly vulnerable
It’s not just Dell monitors that are vulnerable to attacks. Many brands, such as Samsung, Acer and HP, were used in the research of discovering how vulnerable monitors are. It found that many were vulnerable – reportedly 1 billion monitors, according to Motherboard.
While it is not an easy hack, a determined attack could exploit a monitor to actively spy on the users, and most people would likely not know that their work or home monitors could be showing us something that is incorrect. A hack of our monitors could affect lots of people, especially on things such as stock traders monitors.
Source: https://www.networkworld.com/article/3104926/security/hacking-monitors-for-spying-stealing-data-manipulating-what-you-see-on-the-screen.html