Skip to main content

New malware can make a PC’s cooling fans cough up passwords, encryption keys

There are a lot of ways to steal info off a computer once you’re connected to it. Whether over Wi-Fi, Bluetooth, Ethernet, or even a USB stick, once a computer is connected to the outside world, it’s no longer safe from prying eyes.

One solution is to “air-gap” important systems, or separate them from other computers and the network at large by removing any remote access. It’s a solid plan, but now researchers from the Cyber Security Labs at Ben Gurion University have skirted that security method. The team managed to transfer data using an infected PC’s cooling fans.

Recommended Videos

To do this, the computer has to be infected with malware designed for it. Once it’s installed, the malware flips the fan speed between 1,000 RPM and 1,600 RPM, an audible difference that a microphone, like one found on a smartphone, can easily pick up on. The demo shows the computer rattling off a long chain of numbers, in binary because of the fan’s two speeds, and a nearby phone listening and interpreting.

In doing so, the malware effectively defeats the air gap. A computer with absolutely nothing connected to it — not even a monitor — could still have data stolen with this attack. The catch, of course, is that a device with a microphone needs to be planted near the target device. That means this malware is never going to target massive numbers of users, but it could still be used to pull off heists worthy of a Bond film.

The malware, which the team calls “Fansmitter,” allows for up to 1,200 bits an hour to be transmitted, in ones and zeroes, over the air to a phone. That’s a full 150 alphanumeric characters per hour, more than enough to steal a couple of passwords or an encryption key.

Malware that attacks air-gapped systems has become an increasingly popular topic over the last few years, as the methods of limiting access to a networked machine become less effective. Fansmitter is not the most practical attack, but it proves that even keeping a system disconnected from the Internet — and any peripherals — does not provide absolute security.

Brad Bourque
Former Digital Trends Contributor
Brad Bourque is a native Portlander, devout nerd, and craft beer enthusiast. He studied creative writing at Willamette…
I found an app that overhauled my Mac’s audio, and I wish I found it sooner
People with headphones listening to Spotify on a MacBook.

Apple’s macOS is a brilliant operating system, but there’s one thing it handles pretty poorly: audio. It’s such a fundamental part of any computing experience, yet it’s left me feeling disappointed, despite going through a ton of macOS updates over the years.

Sure, macOS has some audio controls, but they’re fairly basic. There are sliders for volume and left/right balance, options for which speakers to play sound effects out of … and not a huge amount more.

Read more
4 things I’m excited about in the new Microsoft Surface laptops
Microsoft Surface Laptop Studio 2

Microsoft's new Surface laptops have arrived, and they're more than just routine refreshes. According to Microsoft, powered by Snapdragon X processors and built for the Copilot+ AI experience, they promise significant battery life, performance, and usability improvements. After reviewing the key updates, here are four standout features that make Microsoft's latest Surface laptop worth the upgrade.

Better battery life

Read more
Gigabyte GPUs are ‘leaking’ — here’s what you need to know
Thermal gel leaking from a Gigabyte branded GPU

Gigabyte's RTX 50-series graphics cards are facing an unusual manufacturing defect where the pre-applied thermal gel is leaking out of the heatsink. The first known report came from Quasar Zone, a popular Korean PC forum, where a user found their one month old Aorus Master RTX 5080 leaking gray putty-like material after light gaming of two hours per day. Notably the user mentioned that the card was mounted vertically via a riser kit. 

The problem was quickly recognized as affecting multiple Gigabyte RTX 50 models in the same forum thread with various owners seeing the thermal compound oozing out of the heatsink onto the PCB and PCIe slot area. The issue was confirmed to be affecting Gigabyte’s Gaming OC, Windforce, and Aorus Master variants.

Read more