SD cards hacked

Summary:SD cards, including tiny microSD and SIM cards, contain a powerful — and hackable — computer system. Are you sure you want to use your cell phone as a credit card?

Putting malicious code on USB thumb drives and dropping them near employee entrances is an old hack. A curious employee plugs the USB drive into their PC and voila, another hacked computer.

At the Chaos Computer Congress (30C3), in Hamburg, Germany, a new and deeper hack of flash storage was demonstrated. Researchers hacked the microcontroller inside all SD and microSD flash cards that enables a man in the middle attack.

As regular readers of Storage Bits know, cheap consumer flash memory — almost all NAND flash – is riddled with defects and problematic behavior, such as electron leakage between adjacent cells. Much background housekeeping, including error detection and correction and garbage collection, it is required to preserve the illusion of defect free storage.

This nontrivial work requires a powerful computer system, at least by 1970s standards. Typically an ARM or 8051-based microcontroller, with clock speeds up to 100 MHz, delivers the required CPU cycles.

These microprocessors need a firmware loading mechanism – usually used only at the factory – that can be exploited by hackers to load new code. This has already been used by counterfeiters who create flash drives that report a larger capacity than they physically contain.

In the hack demonstrated at 30C3, researchers reverse-engineered the instruction set of a particular microcontroller to access the firmware loading mechanism. An SD card could appear to be operating normally while hacking any PC or mobile device – including Wi-Fi equipped cameras – it is plugged into. With the widespread use in SD and microSD card slots this could be a very profitable hack.

The Storage Bits take
The researchers report that these microcontrollers cost as little as 15¢ each in quantity. That means they are almost everywhere — and so are potential hacks - including the SIM cards in cell phones.

While there are no reports of such hacks in the wild, we can be sure that the technologically sophisticated criminals and government security agencies are looking at how compromised microcontrollers could be used for theft or surveillance. Security can be compromised where ever an unprotected computer system lives.

Read the well written blog post that details their work and watch a video of their presentation at 30C3 here.

Comments welcome, of course. Do you think the NSA is already working on this? 

Topics: Storage, Mobility, Security

About

Harris has been working with computers for over 35 years and selling and marketing data storage for over 30 in companies large and small. He introduced a couple of multi-billion dollar storage products (DLT, the first Fibre Channel array) to market, as well as a many smaller ones. Earlier he spent 10 years marketing servers and networks.... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.