ODINI Malware: The Stealth Attack That “Leaps” Through Faraday Cages

For decades, the “Air-Gap” has been the gold standard for high-stakes security. By physically disconnecting a computer from the internet and placing it inside a Faraday cage (a metal enclosure that blocks electromagnetic signals), military and financial institutions believed their data was untouchable.

That era has officially ended. A research team led by Mordechai Guri at Ben-Gurion University has unveiled ODINI, a proof-of-concept malware that bypasses solid metal shielding using nothing but the magnetic “breathing” of a computer’s processor.


The Mechanism: CPU Workload as a Radio Tower

ODINI doesn’t need Wi-Fi, Bluetooth, or even a network cable. Instead, it turns the computer’s Central Processing Unit (CPU) into a low-frequency magnetic transmitter.

How it works:

  1. Infection: The system is initially compromised via a supply-chain attack or a rogue USB drive.
  2. Modulation: The malware cycles the CPU through intense bursts of calculations. These rapid changes in power consumption create specific, low-frequency magnetic waves.
  3. The Breakthrough: Unlike high-frequency radio waves, these low-frequency magnetic fields have “low impedance,” meaning they pass through standard computer cases and solid Faraday cages as if they weren’t even there.
  4. Reception: An attacker places a small magnetic sensor nearby (within 1.5 meters) to “listen” to the CPU’s patterns and translate them back into passwords or encryption keys.

ODINI vs. MAGNETO: The Smartphone Variant

The research also highlighted a second, more practical attack variant called MAGNETO. While ODINI uses dedicated sensors, MAGNETO turns a common smartphone into a receiver.

Feature           | ODINI                       | MAGNETO
Receiver          | Specialized Magnetic Sensor | Standard Smartphone Magnetometer
Max Distance      | 100 – 150 cm                | 12.5 cm
Transfer Speed    | 40 bits per second          | 5 bits per second
Bypass Capability | Penetrates Faraday Cages    | Works in Airplane Mode / Faraday Bags

Why Conventional Defenses Fail

The most alarming aspect of ODINI is that it exploits the laws of physics rather than a software bug.

  • No Admin Rights Needed: The malware requires no special permissions to run CPU tasks, making it invisible to most antivirus software.
  • Metal is Useless: Standard copper or aluminum Faraday cages are designed to stop electrical fields, but they are transparent to the low-frequency magnetic fields ODINI generates.
  • The Cost of Protection: Blocking these waves requires specialized mu-metal—a prohibitively expensive ferromagnetic alloy that is impractical for most data centers.

Countermeasures: Fighting Noise with Noise

If you can’t block the signal, you must drown it out. Security experts recommend two primary defensive strategies:

  1. Magnetic Jamming: Deploying hardware-based magnetic field generators to create “white noise,” making it impossible for an attacker’s sensor to pick up the CPU’s signal.
  2. Software Disruption: Running “chaff” processes that create random CPU workloads, effectively scrambling the data before it can be broadcast.
  3. Strict Zoning: The most reliable defense remains the “No-Phone Zone.” Restricting all electronic devices from the physical vicinity of air-gapped machines is the only way to ensure a smartphone isn’t secretly recording your CPU’s magnetic heartbeat.
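To see why the "chaff" countermeasure degrades the channel, here is a toy simulation added for illustration; it is not code from the ODINI research or from this post. It assumes a simplified on-off signalling model (busy = 1, idle = 0), a naive averaging receiver, and chaff load that simply adds to the signalling load; all names and parameters are hypothetical.

```python
import random

SAMPLES_PER_BIT = 20  # assumed: load samples observed per transmitted bit


def chaff_trace(n_samples, duty, rng):
    """Random busy/idle bursts of a chaff process (1.0 = one core busy)."""
    trace = []
    while len(trace) < n_samples:
        busy = rng.random() < duty
        # Burst length is random so the chaff has no rhythm to filter out.
        length = rng.randint(SAMPLES_PER_BIT // 2, SAMPLES_PER_BIT * 3)
        trace.extend([1.0 if busy else 0.0] * length)
    return trace[:n_samples]


def observed_load(bits, chaff):
    """Total load the emission follows: signalling workload plus chaff."""
    out = []
    for i, bit in enumerate(bits):
        for s in range(SAMPLES_PER_BIT):
            out.append(float(bit) + chaff[i * SAMPLES_PER_BIT + s])
    return out


def decode(load, threshold=0.5):
    """Naive receiver: average each bit window and compare to a threshold."""
    bits = []
    for start in range(0, len(load), SAMPLES_PER_BIT):
        window = load[start:start + SAMPLES_PER_BIT]
        bits.append(1 if sum(window) / len(window) > threshold else 0)
    return bits


def bit_error_rate(duty, n_bits=2000, seed=1):
    """Fraction of bits decoded wrongly for a given chaff duty cycle."""
    rng = random.Random(seed)
    bits = [rng.randint(0, 1) for _ in range(n_bits)]  # constructed payload
    chaff = chaff_trace(n_bits * SAMPLES_PER_BIT, duty, rng)
    received = decode(observed_load(bits, chaff))
    return sum(a != b for a, b in zip(bits, received)) / n_bits


if __name__ == "__main__":
    for duty in (0.0, 0.25, 0.5):
        print(f"chaff duty {duty:.2f}: bit error rate {bit_error_rate(duty):.3f}")
```

In this model the error rate rises with the chaff duty cycle, so light or rhythmic chaff buys little. The numbers describe the toy model only, not the measured channel.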
