PC monitor infected firmware or chipset

[SaltNpepper]

Hello, is it possible to screenmirror a display with a custom chipset? A friend of me is proberly victim of physical hacking. He thinks that the display is mirrored within wifi range without internet connection. Same as him i dont have any clue what could have been used. One thing is for sure there has been edit on the chipset. There is also a clicking sound coming out of the monitor. Maybe Bluetooth or serial? 

[dark_pyrro]

If this at all would be the case, then why not just replace the monitor instead of trying to get random theories if it's possible or not. If your friend isn't a potential target for state sponsored operations, then I can't see why this would be happening at all. And, if he/she uses a friend as a proxy to post this type of question on a forum like this, well, then my bet is that this is not an individual that is a target of some intelligence gathering at all.

18 hours ago, SaltNpepper said:

One thing is for sure there has been edit on the chipset

Just being curious though, how do you know that any chipset has been edited? What chipset? In what way has it been edited? Please share relevant information.

[NoExecute]

Well, I agree with dp here. Is it possible to mirror a display, sure. It's an inbuilt feature of most graphic cards / operating systems.
Could you do it with a custom firmware for the GPU chipset..hmmm... Maybe, if you're getting hunted by a x-letter-acronym-agency.
But, over wifi / within wifi range ?...my friend, you've watched to many James Bond movies..

If this is such a problem, that it "might" have happened, simply trash all the hardrives, the hardware, buy something new, and start again.
But, if this is the level of concern, why ? Is it likely that agencies are targeting your friend ?, is it likely that someone would really take the time and effort to do this, or is it simply paranoia, that in the end, is pretty unfounded in reality ?

Yes, you can make devices that piggybacks on monitor signals and transmits them, but why would you ?. It's far easier to write some malware to do it, or dump keystrokes, than go for advanced hardware hacks like this, simply because you would need physical access to implant it, and that's another story in and of itself 🙂

/NX

[SaltNpepper]

1 hour ago, dark_pyrro said:

If this at all would be the case, then why not just replace the monitor instead of trying to get random theories if it's possible or not. If your friend isn't a potential target for state sponsored operations, then I can't see why this would be happening at all. And, if he/she uses a friend as a proxy to post this type of question on a forum like this, well, then my bet is that this is not an individual that is a target of some intelligence gathering at all.

Just being curious though, how do you know that any chipset has been edited? What chipset? In what way has it been edited? Please share relevant information.

I can understand that this thread seems crazy. But im posting this since my friend has less experience. How i know if the chip is edited?Simply a suggest. What we know is that he's neighbor has somehow permission to mess with his stuff, yelling to his room after blocking ip's and stuff which is extreme but not a danger. He knows its the monitor based on unusual behavior of the product: cracking noise coming out of it once in a while. And displayport is not working untill he switches to hdmi and back to displayport a several times. He thinks they have mirror within wifi range since the attacker is close by. Starting over again with new products is wise but he wants to know how. 

[SaltNpepper]

48 minutes ago, NoExecute said:

Well, I agree with dp here. Is it possible to mirror a display, sure. It's an inbuilt feature of most graphic cards / operating systems.
Could you do it with a custom firmware for the GPU chipset..hmmm... Maybe, if you're getting hunted by a x-letter-acronym-agency.
But, over wifi / within wifi range ?...my friend, you've watched to many James Bond movies..

If this is such a problem, that it "might" have happened, simply trash all the hardrives, the hardware, buy something new, and start again.
But, if this is the level of concern, why ? Is it likely that agencies are targeting your friend ?, is it likely that someone would really take the time and effort to do this, or is it simply paranoia, that in the end, is pretty unfounded in reality ?

Yes, you can make devices that piggybacks on monitor signals and transmits them, but why would you ?. It's far easier to write some malware to do it, or dump keystrokes, than go for advanced hardware hacks like this, simply because you would need physical access to implant it, and that's another story in and of itself 🙂

/NX

I understand your point. But he had to deal with attacks for a while on his pc and have seen it happening over and over again, when he bought a new router (+ Display monitor) to get a bridged connection and to get rid of his basic gateway. And he had to disable wifi to prevent wifi cracking. Which made it almost impossible to get his ip again. I think they messed with his monitor based on my reply to DP.  He bought his stuff proberly when they had a rat on his pc which are all facts. Yes he is a victim but not by agency's for sure. Maybe a worker of the company where ordered that doesn't give a F.

[NoExecute]

What we know is that he's neighbor has somehow permission to mess with his stuff, yelling to his room after blocking ip's and stuff which is extreme but not a danger.

What ? How has the neighbor "permission" to mess with his stuff ?

He knows its the monitor based on unusual behavior of the product: cracking noise coming out of it once in a while. And displayport is not working untill he switches to hdmi and back to displayport a several times.

It's quite normal for monitors to not see a signal, sometimes, so you have to choose it, it could be wrong settings, bad cables, a faulty monitor. But, a hack, hmm, not very likely.

He thinks they have mirror within wifi range since the attacker is close by.

So, make yourself a Kali laptop, find a map, buy a yagi antenna and go do some old school wifi hacker hunting trough triangulation..fun and sports all combined, what could be better than that. And, it gives you a chance to do some math at the same time 🙂

But he had to deal with attacks for a while on his pc and have seen it happening over and over again, when he bought a new router (+ Display monitor) to get a bridged connection and to get rid of his basic gateway.

Bridged connection ? what's that got to do with anything ? Getting rid of the gateway, why ?
if he's running on a bridged network, to someone elses wifi / network, no wonder he's got trouble. DON'T DO THAT !! Buy your own internet 😉

And he had to disable wifi to prevent wifi cracking. Which made it almost impossible to get his ip again.

What ?, there's no need for disabling wifi to avoid hacking. A good password, the right encryption protocol, and don't do something stupid, like falling for an evil twin attack, you should be good, no troubles there.

I think they messed with his monitor based on my reply to DP.  He bought his stuff proberly when they had a rat on his pc which are all facts. Yes he is a victim but not by agency's for sure. Maybe a worker of the company where ordered that doesn't give a F.

So, you know there were a RAT in the system, how ?. Did you investigate it ?, did you find it, or are you simply just guessing ?
You should install the OS yourself, from scratch, and install only trusted software, from known sources, or better yet, install some Linux distribution you built yourself 😉

/NoExecute