Thermanator attack based on the heat transfer that caused by the user while entering input data, such as typing a password on the keyboard.
We leave Thermal residue on various objects that include common input devices such as the keyboard, which we use to enter sensitive details.
Three researchers from the University of California published a paper describing their study on how the thermal residues collected from users who entered both weak and strong password can be recovered as late as 1 minute after entry.
If you are Hunt-and-peck typist then it is more dangerous, it is a method where the user searches for the key location in keyboard and pressing each key only with their index fingers.
Researchers conducted an experiment with “30 users entering 10 unique passwords (both weak and strong) on 4 popular commodity keyboards. Results show that entire sets of key-presses can be recovered by non-expert users.”
Thermanator attack is an insider attack, where an attacker needs to have a physical attack to the keyboard to collect thermal residues.
1. Victim enter’s a genuine password to log-in.
2. The victim may step away from the workplace.
3. An attacker using thermal imaging camera can harvest information from the keyboard.
4. By using the heatmap of the image, attackers can locate the keystrokes typed.
Researchers say Hunt-and-Peck Typists are highly vulnerable, they result in greater
heat transfer, due to longer contact duration with a larger contact area. For Touch typists, two factors confuse their thermal residues and make passwords harder to harvest.
1. Users to swipe their hands along the keyboard after password entry.
2. On-screen keyboard.
3. Users could wear insulating gloves or rubber thimblettes over their fingers during password entry.
Researchers concluded that “Work described in this paper sheds some light on understanding the thermodynamic relationship between human fingers and external computer keyboards. In particular, it exposes the vulnerability of standard password-based systems to an adversarial collection of thermal emanations.”
More technical details can be found in the paper “Thermanator: Thermal Residue-Based Post Factum Attacks On Keyboard Password Entry” published by researchers.
Secure Cloud Migration Guide – Technical and Business Considerations
Best Ways to Protect Data From Cyber Attack & Recover Your Deleted Data in Your Personal Computer
The Evasive Panda group deployed a new C# framework named CloudScout to target a Taiwanese…
Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals in…
The Ukrainian Cyber Emergency Response Team discovered a targeted phishing campaign launched by UAC-0215 against…
Researchers have identified a network of compromised devices, CovertNetwork-1658, used by Chinese threat actors to…
A security researcher discovered a vulnerability in Windows theme files in the previous year, which…
The ongoing Meta malvertising campaign, active for over a month, employs an evolving strategy to…