Skip to content

TrojPix: Data Exfiltration from Air-Gapped Systems via Video Cable Emissions

In a nutshell: TrojPix enables data exfiltration from air-gapped systems through subtle pixel manipulation, but requires malware to already be installed on the target machine.

Researchers at Shandong University have demonstrated an attack method that exfiltrates data from systems without network connectivity by manipulating pixels in the video signal. The technique generates radio emissions on the video cable that can be decoded by nearby receivers.

Researchers at Shandong University have developed and documented a new side-channel attack technique called TrojPix. The method manipulates pixels on screens in a way invisible to the human eye, causing the video cable carrying these pixels to emit radio frequency radiation. A receiver positioned in close physical proximity can intercept these emissions and decode them into data.

The technique targets so-called air-gapped systems — computers intentionally isolated from networks. Such configurations are found in critical infrastructure, research environments, and highly sensitive corporate areas. TrojPix thus represents a new attack vector that circumvents traditional network-based isolation strategies.

However, a central prerequisite for a successful attack is that malware is already active on the target system. TrojPix therefore does not serve as an initial attack vector, but rather as an exfiltration mechanism after successful compromise. This reduces the practical risk, but underscores the need to secure and monitor endpoints and the physical environment of air-gapped systems.


Source: thehackernews.com · Published 6 July 2026
Lumi AI News — AI-assisted curation pursuant to Article 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.3.

Share on: