Security Team Prove That Your Monitor Can Be Hacked at DefCon!

Cyber security awareness is at an all-time high, with governments and organisations investigating and researching both new ways to monitor users and bypass security features while some are still looking at reinforcing and creating new methods to protect people from nefarious hackers. Two such people as Ang Cui and Jatin Kataria from Red Balloon Security, a pair who in their spare time have discovered that not only can a screen be hacked, but could even hold you to ransom or share your private details with someone who’s not even near your PC.

Cui and Kataria have spent their free time in the last two years researching the area of monitor security, a topic where the impact is typically underestimated by many. As demonstrated at this year’s Def Con, their efforts have not been in vain after successfully demonstrating a ransomware message projected directly to your screen, bypassing the entire computer.

The demonstration took place on a Dell U2410 monitor and through a good old fashion piece of reverse-engineering, the pair discovered that Dell, like many other companies, had not implemented any security against the display controllers firmware updates. The impact of this is that after gaining direct access to a monitor, such as through the devices HDMI or USB port, the pair were able to demonstrate the hack by changing a PayPal account balance from nothing to a million dollars, all through the screen.

It’s been explained that you could be held ransom, with certain areas of your screen blocked out until you pay up your hard earned money. What could be even worse is that the technique could be used to log pixels, with the logs then being picked up or transmitted back to another party at a later date. This would essentially give them a play by play of your screen, showing everything from bank details and social media details to confidential documentation.

The technique could theoretically be used against Acer, Hewlett-Packard, Samsung and a long list of manufacturers brands alongside Dell, all using the same approach. If this interests you, they’ve released the code online here in hopes of raising awareness of monitor security.

Gareth Andrews

Disqus Comments Loading...

Recent Posts

Xbox Reveals New Deadpool-Themed Controller with a Cheeky Twist

To celebrate the upcoming release of Marvel Studios' "Deadpool & Wolverine," Xbox has introduced a…

11 hours ago

Nobody Wants to Die Launches Today

Critical Hit Games has officially launched their highly anticipated game, Nobody Wants to Die, today…

11 hours ago

ADLINK Launches New IMB-C Value Series ATX Motherboards

ADLINK just dropped their new IMB-C series motherboards. These boards are designed for businesses and…

15 hours ago

ThunderX3 CORE Fabric Gaming Chair

Ergonomic gaming chair with sleek aesthetics Includes adjustable headrest pillow and 3-in-1 multipurpose footrest Six-way…

15 hours ago

Asus ROG Strix 850W Gold Aura Edition Power Supply

AURA SYNC Aluminum Case ROG Heatsinks Axial tech Fan Design Dual Ball Fan Bearings 0dB…

15 hours ago

CableMod Pro Coiled Keyboard Cable USB A to Micro USB 150cm

Coiled keyboard cable with professional, expert sleeving USB Type A to Micro USB powder coated…

15 hours ago