Yeah, the interesting attack vectors for side channel signals are ones that don't require malware. Reading data emitted by knowing the target machine's hardware and software is a little more realistic, but still difficult. I remember seeing a demo of someone using an SDR (AM band or close to it) to read emissions from Word's spell check on a laptop in the same room.
If I remember correctly, AWS identified a side channel vulnerabily a year or so ago and had to make some updates. I forget the mechanism, but I think it had to do with VMs on the same hardware being able to access statistics (voltages or power consumption) on the hardware usage that would allow an attacker to access sensitive data, or leak data between the VMs. I don't think any attack actuallly used that mechanism before they patched it though.
If I remember correctly, AWS identified a side channel vulnerabily a year or so ago and had to make some updates. I forget the mechanism, but I think it had to do with VMs on the same hardware being able to access statistics (voltages or power consumption) on the hardware usage that would allow an attacker to access sensitive data, or leak data between the VMs. I don't think any attack actuallly used that mechanism before they patched it though.