Your monitor might be vulnerable to hackers using A monitor darkly. Basically you can not trust what coming out on your screen because monitor is constantly changing the content on screen. No need to worry as red balloon security have found it out the real hack.
What is A monitor darkly?
You would have not probably thought about it that the monitor also has a computer inside the monitor which is responsible for displaying pixel and select the input generally called as onscreen display controller. Now research have found out that there is way for attacker to gain access to and cause arbitrary code execution inside the controller of monitor itself.
What if you cant trust the output of computer because the monitor is actually changing the pixels values on screen? that exactly a monitor darkly do!
How It Works?
If the attacker redirects you to a website that looks a lot like your banking website, you are not able see that same SSL lock on your browser. So this is where the attacker would then compromise your monitor and put that SSL lock on to your screen. So your browser is showing you that your connection is secure but the monitor is overlaying the SSL lock. we can use monitor to change what you see as your bank account so instead of having $1000 a monitor darkly can monitor show that your bank account has $1 million.
There is no way user to know because we only interact with this computer through monitors. We estimate that there’s at least a billion monitors on the planet today that’s vulnerable to this type of attack.
Red Balloon’s GitHub
Red Balloon Security, a great online security website, has started to use Github as their primary code repository. This means that all of their code can be freely downloaded and used by anyone, even non-Github users. The beauty of this change is that it will allow Red Balloon to receive more feedback on the quality of their code, which in turn leads to better security practices and better products for everyone! In this article, we will discuss how you can use Red Balloon Security’s Github account to your own advantage and reap the benefits of their hard work while also helping them improve their code with your own insightful comments and improvements!
How to stay Safe?
Ang called this hack as “A MONITOR DARKLY” . the exploit is detailed on red balloon’s GitHub. monitor darkly is featured in season 3 of “Mr Robot“. Ang’s team has informed dell about the vulnerability. DELL recommend users update to a U2417 monitor as security is a top concern and priority
If you’re worried about the recent spate of monitor darkly hacks, there are a few things you can do to stay safe. First, make sure your computer’s security software is up to date.
Second, be careful what you click on online- only download files from trusted sources.
Third, don’t give out personal information online unless you’re absolutely sure it’s a secure site.
Fourth, keep an eye on your credit card and bank statements for any unusual activity.
