MicroSD cards vulnerable to hacks, might also apply to SSDs

vbimport

#1

We’ve just posted the following news: MicroSD cards vulnerable to hacks, might also apply to SSDs[newsimage]http://static.myce.com//images_posts/2013/12/ocz_crossover1-95x75.jpg[/newsimage]

A recent security disclosure shows that MicroSD cards contain a security vulnerability. The same hack also applies to other NAND flash memory based devices such as USB sticks and SSDs.

            Read the full article here: [http://www.myce.com/news/microsd-cards-vulnerable-to-hacks-might-also-apply-to-ssds-70006/](http://www.myce.com/news/microsd-cards-vulnerable-to-hacks-might-also-apply-to-ssds-70006/)

            Please note that the reactions from the complete site will be synched below.

#2

I don’t see this as a “HACK” perse, this was probably the intentional design of the SD cards in the first place. It was probably only known to developers & debuggers and now finds its secrets known to hackers & government agencies as well. If the data were that important it would have it’s own cryptography attached in the first place. There hasn’t been any significant mind blowing security breaches concerning plain old hard drives-- they don’t have to… the operating systems & connected hardware are full of them…


#3

If you really need to erase sensitive files, you’re always better off using secure overwriting methods, instead of just assuming the files are “just gone”. File shredders are there for a reason!


#4

That sounds like something related to “hacking” into a supposedly “secure” memory cards made of “managed” flash devices that NAND manufacturers such as Samsung supply by combining controller chips and NAND chips in one package when the hacker gains physical access to the chips.

Does that mean SSD is vulnerable? What about HDD and Blu-ray? What exactly is hacking?


#5

This is actually not the first time I’ve heard of SD cards being hacked - A lot of unusually cheap 32GB+ memory cards and USB sticks on Ebay are actually 2GB to 4GB cards with hacked firmware to give the advertised capacity. It is not until the user stores more than the real capacity that they notice their data has disappeared once they later try reading the files back.

However, if this is about running custom executable code, I’d say the main concern would be if a hacker manages to make a Cryptolocker-like infection for such cards.

Here’s a rough example of how this would work:

You see an unusually cheap 64GB branded card on eBay from a user with high feedback and buy it. You then run H2TestW (or some Fake card testing tool) and it comes with “No problems found”, so then put the card in your camera and head off on vacation.

To your knowledge, everything seems fine, but in the background the Malware is monitoring for any sign of JPG files being written. As soon as it detects one, it then adds a dummy ‘autorun.inf’ file to the root directory that it knows most cameras will ignore. So as you snap pictures and video clips, everything seems fine and you can preview your photos as usual.

Once you return home and insert the SD card in a PC, the first thing Windows does is read any ‘autorun.inf’ file. Once the Malware detects this file being accessed, it does not allow any further read back, but instead presents the user with a text file in the root folder explaining that the SD card has now been locked, that they must follow the payment instructions on blablabla.com to get instructions to get their photos back and that any other means of attempting to read the card’s content will result in the card being securely erased.


#6

[QUOTE=Seán;2715240]This is actually not the first time I’ve heard of SD cards being hacked - A lot of unusually cheap 32GB+ memory cards and USB sticks on Ebay are actually 2GB to 4GB cards with hacked firmware to give the advertised capacity. It is not until the user stores more than the real capacity that they notice their data has disappeared once they later try reading the files back.

However, if this is about running custom executable code, I’d say the main concern would be if a hacker manages to make a Cryptolocker-like infection for such cards.

Here’s a rough example of how this would work:[/QUOTE]
The card will accept the next 512 bytes and run it as code. You don’t need autorun or any other thing. 512 bytes can be enough to run a virus by itself.


#7

I have a drawer full of working USB portable hard drives ranging from 120gb to 500gb, most in eSATA enclosures that also have USB2.0 that work just fine.