Spyware inside HDD Firmware, How can it be?

Data recovery and HDD repair discussions

Data recovery and disk repair questions and discussions related to old-fashioned SATA, SAS, SCSI, IDE, MFM hard drives - any type of storage device that has moving parts
Post a reply
shahij
  • shahij
  • Posts: 1052
  • Joined: March 11th, 2008, 4:35
  • Location: Bangladesh

Spyware inside HDD Firmware, How can it be?

February 18th, 2015, 10:48

Kaspersky claims they detected spyware inside HDD firmware.

How can it be done?

http://redmondmag.com/articles/2015/02/ ... mware.aspx

http://www.reddit.com/r/news/comments/2 ... e_in_hard/

http://www.m-404tech.tk/2015/02/huge-sp ... idden.html

http://www.dailykos.com/story/2015/02/1 ... -Firmware#
HaQue
  • HaQue
  • Posts: 3903
  • Joined: December 4th, 2012, 1:35
  • Location: Adelaide, Australia

Re: Spyware inside HDD Firmware, How can it be?

February 18th, 2015, 11:06

did you read the release from Kaspersky?

look at second link in bcometa's post

[url][/http://forum.hddguru.com/viewtopic.php?f=3&t=30564url]

How can it be done? easy, well if you have the team, budget, and inclination..

1. reverse engineer firmware, or, more likely, steal the sourcecode.
2. write your exploit
3. deploy with a nice zero day.. or even old one.. who patches?
4. wait until your internet veapon is detonated
5. do your pwnage dance

If you read the pdf you will see how
Alexii
  • Alexii
  • Posts: 775
  • Joined: October 28th, 2009, 14:35
  • Location: Toronto

Re: Spyware inside HDD Firmware, How can it be?

February 18th, 2015, 11:38

You will have to do a lot of reverse work. Different models , different families... Any case , IMHO was not done without input from manufacturers. Then again so what , bug Merkels phone ? Check. Collect local and external phone call metadata? Check. Lie about it ? Check =) Whats a little FW backdoors between friends =)
Post a reply
Switch to full style

Powered by phpBB © phpBB Group.

Board index