PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.

PCMag UK

Malware Steals Data By Adjusting Screen Brightness

Malware on an air-gapped computer can transmit data like Morse code by changing screen brightness in a way that's invisible to the naked eye but easily recorded with a camera.

Matthew Humphries
 & Matthew Humphries Former Senior Editor

Our team tests, rates, and reviews more than 1,500 products each year to help you make better buying decisions and get more from technology.

Our Expert
LOOK INSIDE PC LABS HOW WE TEST
65 EXPERTS
43 YEARS
41,500+ REVIEWS

A security researcher has discovered a novel way to steal data from a PC that isn't connected to a network (air-gapped) by manipulating the brightness settings of a computer monitor.

As The Hacker News reports, the new technique was discovered/created by academic researcher Dr. Mordechai Guri of the Cyber-Security Research Center located at the Ben-Gurion University of the Negev in Israel. It relies on the air-gapped computer having special malware installed capable of changing the brightness of a display. However, the changes are only very small adjustments to the RGB color components of each pixel and therefore not detectable with the naked eye.

Stealing data from the infected machine is achieved by encoding the information and transmitting it using the screen brightness changes in a sequential pattern, which is very similar to how Morse code works. The only other requirement for this to work is a camera pointed at the display which can either record or stream the pattern being transmitted. Once the pattern is received, it can be converted back into meaningful data.

For this hack to work in the real world would require someone with access to the air-gapped machine installing the malware. The camera used can be anything from a compromised surveillance camera present in the same room, a webcam, or just a smartphone camera left pointed towards the display (and a strong, reliable 4G signal).

Although this technique is unlikely to ever be used as long as easier methods exist, it's important from a security standpoint to know it's possible and therefore mitigating action can be taken to ensure it can never work effectively.

About Our Expert

Matthew Humphries

Matthew Humphries

Former Senior Editor

My Experience

I started working at PCMag in November 2016, covering all areas of technology and video game news. Before that I spent nearly 15 years working at Geek.com as a writer and editor. I also spent the first six years after leaving university as a professional game designer working with Disney, Games Workshop, 20th Century Fox, and Vivendi.

I hold two degrees: a Bachelor's degree in Computer Science and a Master's degree in Games Development. My first book, Make Your Own Pixel Art, is available from all good book shops.

My Areas of Expertise

  • PC components and system building
  • Raspberry Pi
  • Software development
  • Storage technology
  • Video games and gaming hardware

Read the latest from Matthew Humphries

Read full bio