Anywhere, Any-Stymie: Remote Activation of Trojan Malware on LiDAR with Modulated Signals

📅 2026-06-16
📈 Citations: 0
Influential: 0
📄 PDF
🤖 AI Summary
This work addresses the challenge of remotely activating dormant malware embedded in LiDAR firmware, which traditionally lacks a viable remote trigger mechanism. The authors propose a novel attack paradigm that exploits externally modulated light signals to remotely activate stealthy trojans within the firmware, enabling real-time manipulation of point cloud data without physical access or network connectivity. This approach represents the first demonstration of using ambient optical signals to trigger malicious LiDAR payloads, circumventing conventional reliance on supply-chain compromises or physical tampering. Experimental results validate the attack’s efficacy at distances up to 300 feet under both static and dynamic conditions (up to 35 mph), successfully injecting humanoid-shaped artifacts—detectable by mainstream 3D object detectors—and suppressing genuine obstacles. The study confirms the critical safety implications of this vulnerability on real-world autonomous driving platforms.
📝 Abstract
LiDAR sensors are widely deployed in autonomous systems for 3D perception and safety-critical decision-making. We identify a previously unexplored attack surface in which dormant malware embedded in the LiDAR sensing pipeline remains inactive during normal operation and can be externally triggered after deployment, without requiring access to sensor hardware or networking at attack time. To operationalize this threat, we design malware capable of low-level point-cloud manipulation and embed it into LiDAR firmware. This malware was developed in a closed research test environment with vendor technical support, rather than by exploiting an inherent production supply-chain vulnerability. To selectively trigger attack activation, we design and implement an optical trigger that remotely activates the malware by delivering a modulated signal into the sensing environment. Once triggered, the malware performs real-time point cloud manipulation, and we demonstrate false object injection and real object suppression on static and mobile victim platforms. Our evaluation first establishes attack feasibility, including static operation at 300~ft and recorded drive-by runs reaching 35~mph. We then illustrate quantitatively that injected person-like artifacts can remain semantically detectable by a state-of-the-art 3D object detector. Finally, we demonstrate multiple modes of safety-critical impact on a deployed tactical autonomous vehicle. Together, these results highlight the need for stronger integrity guarantees throughout the LiDAR sensor development and deployment pipeline.
Problem

Research questions and friction points this paper is trying to address.

LiDAR
Trojan malware
remote activation
point cloud manipulation
autonomous systems
Innovation

Methods, ideas, or system contributions that make the work stand out.

LiDAR security
remote activation
optical trigger
point cloud manipulation
Trojan malware