SD cards hacked


Summary: SD cards, including tiny microSD and SIM cards, contain a powerful — and hackable — computer system. Are you sure you want to use your cell phone as a credit card?


Putting malicious code on USB thumb drives and dropping them near employee entrances is an old hack. A curious employee plugs the USB drive into their PC and voila, another hacked computer.

At the Chaos Computer Congress (30C3), in Hamburg, Germany, a new and deeper hack of flash storage was demonstrated. Researchers hacked the microcontroller found inside all SD and microSD flash cards, enabling a man-in-the-middle attack.

As regular readers of Storage Bits know, cheap consumer flash memory, almost all of it NAND flash, is riddled with defects and problematic behavior, such as electron leakage between adjacent cells. Much background housekeeping, including error detection and correction and garbage collection, is required to preserve the illusion of defect-free storage.

This nontrivial work requires a powerful computer system, at least by 1970s standards. Typically an ARM or 8051-based microcontroller, with clock speeds up to 100 MHz, delivers the required CPU cycles.

These microprocessors need a firmware loading mechanism – usually used only at the factory – that can be exploited by hackers to load new code. This has already been used by counterfeiters who create flash drives that report a larger capacity than they physically contain.
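
A defender's check for the counterfeit-capacity trick described above, as an added example that is not from the original article or the 30C3 researchers. `SimulatedCard` and its two failure modes are constructed stand-ins (assumptions) for a card whose controller reports more blocks than it has flash to back.

```python
import hashlib

BLOCK = 4096  # bytes per test block


def pattern(index: int) -> bytes:
    """Block content derived from the block number, so no two blocks match."""
    seed = hashlib.sha256(index.to_bytes(8, "big")).digest()  # 32 bytes
    return seed * (BLOCK // len(seed))


class SimulatedCard:
    """Constructed stand-in for a card: claims `advertised` blocks, stores `real`.

    mode="wrap": addresses past the real flash alias back onto it.
    mode="drop": writes past the real flash are silently discarded.
    Both behaviours are assumptions chosen for this illustration.
    """

    def __init__(self, advertised: int, real: int, mode: str = "wrap"):
        self.advertised, self.real, self.mode = advertised, real, mode
        self.cells = {}

    def write(self, index: int, data: bytes) -> None:
        if index < self.real:
            self.cells[index] = data
        elif self.mode == "wrap":
            self.cells[index % self.real] = data

    def read(self, index: int) -> bytes:
        if index >= self.real and self.mode == "drop":
            return bytes(BLOCK)
        return self.cells.get(index % self.real, bytes(BLOCK))


def intact_blocks(card) -> int:
    """Fill the full advertised range, then count blocks that read back intact.

    Every block is written before any is read: checking each block right after
    writing it would pass on a wrapping card, since the data is still there.
    """
    for i in range(card.advertised):
        card.write(i, pattern(i))
    return sum(card.read(i) == pattern(i) for i in range(card.advertised))


def is_counterfeit(card) -> bool:
    return intact_blocks(card) < card.advertised
```

On real media the same write-then-verify pass overwrites existing data, and the read-back must bypass the operating system's cache or it will be served from RAM instead of the card.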

In the hack demonstrated at 30C3, researchers reverse-engineered the instruction set of a particular microcontroller to access the firmware loading mechanism. An SD card could appear to be operating normally while hacking any PC or mobile device – including Wi-Fi equipped cameras – it is plugged into. With the widespread use of SD and microSD card slots, this could be a very profitable hack.

The Storage Bits take
The researchers report that these microcontrollers cost as little as 15¢ each in quantity. That means they are almost everywhere, and so are potential hacks, including the SIM cards in cell phones.

While there are no reports of such hacks in the wild, we can be sure that technologically sophisticated criminals and government security agencies are looking at how compromised microcontrollers could be used for theft or surveillance. Security can be compromised wherever an unprotected computer system lives.

Read the well-written blog post that details their work and watch a video of their presentation at 30C3 here.

Comments welcome, of course. Do you think the NSA is already working on this? 


About

Robin Harris has been a computer buff for over 35 years and selling and marketing data storage for over 30 years in companies large and small.


Talkback

3 comments
  • No,

    I don't want to use my cell phone as a credit card, but it has little to do with security. It's simply not any more convenient to use my phone over my card. Either way I have to pull each out of my pocket and provide some sort of authorization. My card is also not dependent on a rechargeable battery either!
    2low_tech
  • A more simple attack: Return Goods

    Especially this time of year there will be discounts on open box return goods. I got a virus from an SD card some time ago. I bought an open box camera at a discount and the card was infected. This year my mom bought me an open boxed camera; the first thing I did was reformat the SD card in the camera.

    As for SD cards, there is a simple solution: use a one-time programmable device. Simply add a fused register. Blow the fuse to set the register to prevent any programming of the ROM.
    Scatcatpdx
    • Does anyone even remember how to build

      PROMs anymore? No one has used an actual PROM or UV-EPROM device in decades. Heck, even EEPROMs have been replaced by Flash.
      mheartwood