As more and more security vulnerabilities get patched up, researchers are turning to rather unique methods of siphoning data from PCs. The latest technique (opens in new tab) comes from Mordechai Guri at the Ben Gurion University in Israel. The researcher found that it is possible to use a mobile phone to measure your PC's fan vibrations. Yes, you read that right. The program is called AiR-ViBeR.
The core concept of Guri's work consists of overcoming the air-gap between a phone and a PC using a non-internet or cable-based connection. He has found that the accelerometers in some mobile phones are incredibly accurate and can sense even the smallest of changes in movement coming through your PC's fan vibrations.
Using this knowledge, the researcher wrote pair of programs -- one that installs on the PC as malware and another that can run on your phone. The PC-based malware can then send signals to the PC's case fans, which in turn get transferred into your desk and picked up by the phone for interpretation. CPU coolers were less effective, due to the added damping from the motherboard. The more imbalance there was in the fans, the easier it was to transmit the data.
But before you go off investing in Noctua fans known for being well-balanced, keep in mind that this method of cyberattack is painstakingly inefficient and in all likeliness won't be used by anyone in a real-life scenario. The data rate was slow -- we're talking about single words being transferred. Unless the attackers are extremely desperate and have no other viable way of accessing your data, we wouldn't worry about this attack.
The data rate isn't the only factor holding back the success of this attack method. An attacker would still need to get the malware installed on the PC to be able to send the signals. They'd also need access to your mobile phone to read out the accelerometer; however, this is achievable without any permissions, as many mobile phones give free access to the accelerometer's data through the browser.
In the past, there have been other methods of 'wirelessly' transferring data from a PC to an external device. Using the HDD activity LED to transmit sound through internal speakers and reading out keyboard use through electromagnetic signals are just a few examples. Previously, Guri's team also found a way to siphon data from air-gapped systems using a screen brightness technique.
However, all these methods are largely for research, so don't worry: There's no need to keep your phone off your desk or on a vibration-damping pad.