2 min read

DNA-Based Malware Can Compromise Computer Systems, According to Researchers

Liviu ARSENE

August 10, 2017

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
DNA-Based Malware Can Compromise Computer Systems, According to Researchers

Researchers from the University of Washington in Seattle have successfully encoded a malicious program into a DNA sample, that once executed by a sequencing machine would cause a buffer overflow in the analysis software an allow attackers to remotely control the computer system.

Using a short stretch of 176 DNA letters – or nucleotides – researchers were able to represent binary pairs of zeros and ones (00, 01, 10, 11) by attributing them to A, G, C, and T nucleotides. When processed by the DNA sequencing machine”s software, the string of instructions would cause a buffer overflow that would allow an attacker to execute malicious commands on the system.

“We found that existing biological analysis programs have a much higher frequency of insecure C runtime library function calls (e.g., strcpy),” reads the “Computer Security, Privacy, and DNA Sequencing: Compromising Computers with Synthesized DNA, Privacy Leaks, and More” research paper. “This suggests that DNA processing software has not incorporated modern software security best practices.”

The biological proof-of-concept malware was able to contact a server controlled by the researchers, enabling them to remotely control the lab computer tasked with analyzing the DNA sequence. While researchers believe that this type of attack is unlikely to occur in-the-wild, they do speculate that future attacks could rely on “crafted” blood and saliva samples to compromise computer systems.

The team also said that the vulnerability exploited by the malicious DNA sample did not involve a specific software that”s currently being used by DNA sequencing machines, but a specially-designed software that was engineered to respond to the buffer overflow sequence.

“Our exploit did not target a program used by biologists in the field; rather it targeted one that we modified to contain a known vulnerability,” reads the research paper. “Our key finding is that it is possible to encode a computer exploit into synthesized DNA strands.”

While this is not the first time researchers have used innovative methods for compromising computer systems, it is the first time that DNA has been used to encode malicious code.

tags


Author



Right now

Top posts

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

January 26, 2023

2 min read
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

January 19, 2023

4 min read
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

More than 50,000 People Affected by US Cellular Data Breach; Leaked Info Hits the Internet More than 50,000 People Affected by US Cellular Data Breach; Leaked Info Hits the Internet
Silviu STAHIE

February 08, 2023

2 min read
Russian Threat Actor Targets Ukraine Ministry and Polish Police in Similar Campaigns Russian Threat Actor Targets Ukraine Ministry and Polish Police in Similar Campaigns
Silviu STAHIE

February 06, 2023

1 min read
U.S. Department of Health and Human Services Hits ‘Banner Health’ with $1.25 Million Fine U.S. Department of Health and Human Services Hits ‘Banner Health’ with $1.25 Million Fine
Silviu STAHIE

February 03, 2023

1 min read