Articles
Blogs
Kits
Forums
LeeInformation Week posted an article about an attack called Windows Jingle. It is a method about stealing a user’s password by encoding it on the Windows startup tone and then decoding it by using a local or remote microphone.
This attack requires malware on the user’s computer according to the article. Also, since it uses sound as a transmission for the data, the attacker does not need a network connection to get a user’s data.
This attack would also work for Mac OS X and Linux operating systems according to Eric Filiol who explained how this process works at the Black Hat conference in Las Vegas.
Source: Information Week
So they encode it in the audio and play it back then software can descramble it. Interesting concept. No network connectin is needed to retrieve the password but this raises the question of “how does the malware get onto the system in the first place?”