Thermanator Attack Steals Passwords by Reading Thermal Residue on Keyboards

guest · Jul 4, 2018

Thermanator Attack Steals Passwords by Reading Thermal Residue on Keyboards
July 4, 2018
https://www.bleepingcomputer.com/ne...ords-by-reading-thermal-residue-on-keyboards/

A person's fingers leave thermal residue on keyboard keys that a malicious observer could record and later determine the text a user has entered on the keyboard, according to a recently published research paper by three scientists from the University of California, Irvine (UCI).

"It’s a new attack that allows someone with a mid-range thermal camera to capture keys pressed on a normal keyboard, up to one minute after the victim enters them," says UCI Computer Science Professor Gene Tsudik, one of the three researchers who worked on the paper.
Thermanator attack can recover passwords, PINs
The UCI team calls this attack Thermanator, and they say it can be used to recover short strings of text, may it be a verification code, a banking PIN, or password.

More details about the UCI team's research can be found in a paper titled "Thermanator: Thermal Residue-Based Post Factum Attacks On Keyboard Password Entry."
Click to expand...

Palancar · Jul 4, 2018

That would only be effective against weak passwords. As an example; if I deliberately gave you all the letters, numbers, punctuation, etc.... in my passphrase I feel strongly that you STILL could not brute force your way in. There are just too many permutations in a 35 character set. Of course joe average user is usually under 10 and maybe closer to 6, so yep for them it could be done!

Log in or Sign up

Thermanator Attack Steals Passwords by Reading Thermal Residue on Keyboards

guest Guest

Palancar Registered Member

Log in or Sign up

Thermanator Attack Steals Passwords by Reading Thermal Residue on Keyboards

guest Guest

Palancar Registered Member

Useful Searches