POWER-SUPPLaY: Leaking Sensitive Data From Air-Gapped, Audio-Gapped Systems by Turning the Power Supplies into Speakers

In this article, we introduce a new covert channel that enables attackers to leak data acoustically from highly secured, air-gapped and audio-gapped systems. The proposed malware can exploit the computer power supply unit (PSU) to play sounds and use it as an out-of-band, secondary speaker with limited capabilities. Our method enables the production of audio streams in a frequency band of 0-24 kHz and playing audio files (e.g., WAV) from a computer power supply without the need for audio hardware or speakers. Furthermore, we developed techniques that exploit the multiple CPU cores and their corresponding switching frequencies. It enables the production of multi-channel soundtracks and controlling the bit-depth and volume of sound played through the power supply. Sensitive information (documents, biometric data, encryption keys, etc.) can be covertly transmitted to a nearby receiver (e.g., smartphone). We show that our technique works with various types of systems: PC workstations and servers, as well as embedded systems and IoT devices that have no audio hardware at all. We also show that the attack can operate from an ordinary user mode process, run on virtual machines monitors (VMMs), and doesn't need special privileges.