The researchers, from Germany's illustrious Fraunhofer Institute for Communication, Information Processing, and Ergonomics have built some proof of concept software which uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.
The proof-of-concept software could penetrate highly sensitive environments that routinely place an "air gap" between computers and the outside world. It uses built-in microphones and speakers of standard computers. So far the researchers were able to transmit passwords and other small amounts of data from distances of almost 40 metres. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.