AMD GPU hijacked to sneak PC data

Researchers used a GPU to transmit data over radio waves without physically modifying the card

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Researchers at security firmDuohave tweaked anAMDRadeon Pro WX3100 graphics card as a radio transmitter to transmit data without having to physically modify the hardware in any way.

They did this by manipulating the graphics card’s shader clock rates to become a tunable radio device which they then used to steal data from anair-gappedPC that was behind a wall 50 feet away.

This is an example of a side-channel attack that steals data by manipulating and then observing external indicators such as blinking lights or fan vibrations on a user’s PC. What makes these kinds of attacks so dangerous is the fact that since the hardware is working as designed, it is not detectable byantivirusscanners or any other security software.

To siphon data from the air-gapped PC, the Duo researchers used the radio frequencies generated by the GPU as it operated at different clock rates.

Receiving the data

Receiving the data

To receive the transmitted data, the researchers used a Software Defined Radio (SDR) device which plugs into a standard USB port. These devices are relatively cheap and can be picked up for around $100, though the researchers used a more sensitive model that costs between $300 and $600 in their tests.

They then paired the SDR device with both a UHF and a directional ultra-wideband antenna on the PC used to retrieve the data and used the open source software GQRX to run the receiver.

Using Linux, the researchers accessed the Radeon Pro card’s standard power controls and tried switching between two shader clock frequencies (734 MHz and 214 MHz). This change shifted power around and was able to generate a 428 MHz signal that they could pick up with the receiving device from 50 feet away and through a wall. To enable faster radio transmission of data, the researchers then shifted the power controls between five different 1 MHz clock increments.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Duo’s researchers proved that they could use a GPU to transmit data over detectable radio waves to steal info from a host computer even if it is not connected to the internet. However, there are limitations to this technique as the host machine would need to be compromised by another attack such asmalwareto set up the correct code.

Similar exploits could be developed using this technique forNvidiaGPUs and possibly even for CPUs but due to the complexity required to set up the attack, most users' PCs aren’t at risk.

You can learn more about how the researchers were able to transmit data using a GPU by reading theirfull report here.

ViaTom’s Hardware

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.

Google puts Nvidia on high alert as it showcases Trillium, its rival AI chip, while promising to bring H200 Tensor Core GPUs within days

A new form of macOS malware is being used by devious North Korean hackers

Belkin’s Travel Bag for Vision Pro has pockets and is way cheaper than Apple’s own case