TrojPix Exploits Hidden Video Cables to Steal Air-Gapped Data

A team at Shandong University has demonstrated how even the most isolated computers can still leak secrets—through the very cables meant to display images. Their newly revealed TrojPix technique turns ordinary on-screen pixels into covert transmitters, using the electromagnetic emissions from video cables to ferry sensitive data to a nearby receiver without ever touching a network.
How the Silent Leak Works
TrojPix relies on malware already present on the target machine to subtly alter pixel patterns on the screen. These changes are too faint and rapid for the human eye to notice, but they generate measurable radio-frequency signals in the video cable. A receiver positioned within a few meters can then decode these emissions into the original data, effectively turning a display port into a backdoor. Unlike earlier air-gap attacks that required precise timing or high-power transmissions, TrojPix achieves data rates fast enough to be practical for real-world theft.
Limits and Lessons
While the method sidesteps network isolation, it still depends on prior compromise—malware must first infiltrate the system. That means TrojPix amplifies rather than replaces existing threats, underscoring the need for layered defenses. Organizations relying on air-gapped environments should review physical signal controls around workstations, such as cable shielding and distance from potential interceptors. The research also highlights how even mundane hardware can become an unwitting accomplice in data breaches.
Source: The Hacker News. AI-assisted editorial synthesis — TechnoExpress.

