You’ve taken every precaution to keep your computer and network safe from hackers: multiple firewalls plus the latest anti-virus and anti-malware software. But now a new source of leaky data has been unmasked by researchers at the Ben-Gurion University of the Negev (BGU) Cyber Security Research Center (CSRC): the LED lights on your router.

You’ve seen them flashing to indicate that data is being transferred and your Internet is connected. But malware can “infect” your router and program the lights to flash very quickly in a sequence that “an attacker with access to a remote or local camera, or with a light sensor hidden in the room, can record the LED’s activity and decode the signals,” explained Mordechai Guri, head of research and development at the BGU CSRC, who led the study.

The researchers developed their own malware program, dubbed xLED. It infects the router’s firmware and allowed the researchers to steal network data flowing through the router.

The xLED malware can program the router’s LEDs to flash as fast as 1,000 flickers per second for each LED. Since a typical router or network switch includes six or more status LEDs, thousands of bits per second can be encoded.



The CSRC team also demonstrated how malware can siphon data from computer speakers, headphone jacks, hard drives and computer fans, as well as 3D printers, smartphones, LED bulbs, and other Internet of Things devices.

The full technical paper is here.

Unfortunately, the researchers have thus far only identified that the LED light problem exists. The next step will be to develop countermeasures to prevent LED hacking.