TrojPix Attack Can Steal Data From Air-Gapped Computers Up to 208 Meters Away
TrojPix is a new electromagnetic covert-channel attack that can leak data from already-compromised air-gapped computers by manipulating the pixels shown on a screen. The research, listed on the USENIX paper page, shows that tiny pixel changes can create controllable electromagnetic emissions from digital video cables.
The attack achieved a peak throughput of 8.1 Mbps and a maximum receiving distance of 208 meters in testing. The team evaluated it across nine commercial monitor manufacturers and fifteen digital video cables, according to the prepublication paper.
Access content across the globe at the highest speed rate.
70% of our readers choose Private Internet Access
70% of our readers choose ExpressVPN
Browse the web from multiple devices with industry-standard security protocols.
Faster dedicated servers for specific actions (currently at summer discounts)
TrojPix does not let an attacker magically enter an isolated machine from outside a building. Malware must already be running on the air-gapped computer. Once that happens, TrojPix can provide the final data-theft channel without network access, hardware tampering, or administrator privileges.
What TrojPix Actually Does
Air-gapped computers are separated from external networks to protect sensitive information. Organizations use them in defense, government, finance, industrial control, and nuclear environments because removing network connectivity reduces remote attack paths.
TrojPix targets a different part of the problem. It turns a normal digital video cable into an unintended transmitter. The malware changes screen pixels in ways humans cannot notice, but those changes alter the electromagnetic signals radiating from the cable.
The work is scheduled for the 35th USENIX Security Symposium, which takes place in August 2026 in Baltimore. That context matters because the project is academic research, not a reported active malware campaign.
| Item | TrojPix detail |
|---|---|
| Attack type | Electromagnetic covert channel |
| Target environment | Already-compromised air-gapped computers |
| Main leakage source | Digital video cables |
| Peak throughput | 8.1 Mbps |
| Maximum tested range | 208 meters |
| Privileges required | User mode, no administrator rights |
How Pixels Become Radio Signals
The attack relies on the way digital video interfaces transmit pixel data. HDMI and similar digital video links use high-speed serialized signaling, and the paper focuses on Transition-Minimized Differential Signaling, or TMDS.
When pixel data travels through a copper video cable, high-speed electrical switching creates electromagnetic emissions. Normally, those emissions are just leakage. TrojPix makes them useful by choosing pixel changes that shape the leaked signal into recoverable data.
The researchers found that modifying the least significant bit of a color channel can change the emitted signal while preserving what the user sees. The screen still looks normal, but a receiver outside the room can detect the encoded pattern.
The Attack Needs Malware First
The most important limitation is the initial foothold. TrojPix cannot compromise an air-gapped computer by itself. The attacker must first place malware on the target system through another route.
That route could involve an infected USB drive, a malicious insider, compromised firmware, a supply-chain attack, or another physical-access method. TrojPix only handles the exfiltration stage after that compromise.
This distinction changes how defenders should understand the risk. The 208-meter number describes how far away an attackerโs receiving equipment can be in a successful test, not how far away an attacker can start the intrusion.
- TrojPix needs malware already running on the target system.
- The malware can run without administrator privileges.
- The attack does not require changing the monitor, cable, or graphics card.
- The receiver stays outside the target computer and collects leaked electromagnetic signals.
- The attack becomes most relevant in environments where removable media or insiders remain realistic risks.
Two Operating Modes Hide the Transmission
The researchers describe two main operating modes. The first is fake screen-off mode, where the display appears to be off or idle while the system continues sending video data through the cable.
In that mode, the malware stops transmission when it detects user interaction, such as mouse movement. The goal is to avoid suspicion when a person returns to the workstation.
The second is foreground embedding mode. In this case, the malware embeds the covert signal into normal on-screen content using small pixel-level changes. The user can keep looking at the display without noticing the transmission.
| Mode | How it works | Why it is stealthy |
|---|---|---|
| Fake screen-off mode | The display looks like it is off while the video cable continues transmitting | The user sees a blank or standby-like screen |
| Foreground embedding mode | Data is hidden inside normal screen content through pixel adjustments | The displayed image remains visually unchanged to observers |
Why the Range and Speed Matter
TrojPix stands out because it combines speed, distance, and visual stealth. The paper abstract says previous electromagnetic covert channels rarely achieved high throughput, long range, and imperceptibility at the same time.
The system uses Pixel-to-Sample Mapping and adaptive decoding to improve long-range communication. In plain terms, it tries to line up pixel changes with the receiverโs sampling process so the attacker can decode data more reliably.
Testing showed strong performance through a 30 cm concrete wall. The paper reports that average bit-correct rate fell from 99.96% before wall penetration to 99.14% after penetration, which still left the channel usable in the tested setup.
What Hardware the Researchers Used
The receiver was not a hidden chip inside the victimโs computer. The researchers used commercial radio equipment outside the target, including a USRP X310 software-defined radio, a directional antenna, and a low-noise amplifier.
The experimental setup matters because it shows the attack does not require direct contact with the target after malware is present. However, it also means the attacker needs specialized radio gear, positioning, and signal-processing capability.
The TrojPix artifact record identifies the research artifacts for the USENIX 2026 paper. The research paper also says the team withheld sensitive implementation details while still discussing the threat model and defense directions.
Tests Covered Monitors, Cables and Real Files
The research team evaluated TrojPix across nine monitor manufacturers and fifteen digital video cables. The tests included different cable lengths, antenna angles, resolutions, wall penetration, nearby monitors, and shielding materials.

In file-transfer tests, the team used payloads from 10 KB to 10 MB. The paper reports 100% bit and character accuracy for those file transfers in the tested configuration.
A separate perceptual study involved 50 volunteers. None of the participants reported visible differences before and after TrojPix ran, which supports the claim that the pixel changes can remain hidden from normal human observation.
- Tested on nine commercial monitor manufacturers.
- Tested with fifteen commercial digital video cables.
- Worked in fake screen-off and foreground embedding modes.
- Reached 8.1 Mbps peak throughput in rate testing.
- Recovered a data packet at 208 meters in outdoor range testing.
- Transferred tested files up to 10 MB with 100% bit and character accuracy in the reported setup.
Mitigation Is Difficult but Possible
TrojPix targets physical leakage, so normal antivirus signatures or firewall rules cannot fully solve the problem. Defenders need to focus on preventing the first malware infection and reducing electromagnetic leakage from high-security systems.
The researchers discuss several defenses, including electromagnetic shielding, signal interference, randomizing TMDS transmission order, pixel smoothing, and moving to leakage-free video interfaces such as fiber-optic video links.
Shielding helped but did not fully stop the channel in testing. The paper reports that added shielding materials reduced performance, but success rates stayed above 91% across the tested shielding conditions.
| Defense | Expected value | Limitation |
|---|---|---|
| Strict removable media controls | Reduces the chance of initial malware infection | Does not address insider or supply-chain threats alone |
| EM shielding | Can weaken leaked signals | May not fully block TrojPix by itself |
| RF jamming | Can interfere with receiver collection | Can be expensive and operationally complex |
| Fiber-optic video links | Can reduce copper-cable EM leakage | Requires hardware and deployment changes |
| Video transmission randomization | Can make decoding harder | Requires changes at the video protocol or implementation level |
What Security Teams Should Take Away
TrojPix is not a reason to abandon air-gapped systems. Physical isolation still blocks many remote attack paths. However, the research shows that isolation does not automatically prevent data from leaving once malware reaches the machine.
High-security sites should treat displays, cables, and peripheral paths as part of the trusted boundary. A workstation with no internet connection can still leak information if its physical emissions can be controlled by software and collected from outside the protected area.
The USENIX Security 2026 listing and the artifact package make TrojPix an important research signal for organizations that manage classified, industrial, or otherwise isolated systems. The practical lesson is clear: air-gap security must include infection prevention, physical controls, emission-aware hardware choices, and strict monitoring of removable media.
FAQ
TrojPix is an electromagnetic covert-channel attack that can leak data from an already-compromised air-gapped computer by making imperceptible changes to screen pixels and receiving the resulting electromagnetic emissions from digital video cables.
No. TrojPix does not provide the initial break-in. Malware must already be running on the air-gapped computer. The 208-meter figure refers to the maximum tested distance for receiving leaked data from the compromised system.
The researchers say the malware can run in user mode and does not require administrator privileges, system privileges, hardware changes, or direct access to peripherals.
The research reports a peak throughput of 8.1 Mbps. In file-transfer testing, the team transferred payloads up to 10 MB with 100% bit and character accuracy in the reported setup.
Organizations should prevent malware from reaching air-gapped systems, restrict removable media, use physical access controls, consider fiber-optic video links, improve electromagnetic shielding, and monitor high-security areas for unauthorized radio equipment.
Read our disclosure page to find out how can you help VPNCentral sustain the editorial team Read more
User forum
0 messages