The spy fleas myth or reality?
Not so long ago, a hacker was able to demonstrate, that it was possible for US$2, to demonstrate that the concept of spy chips is indeed a threat to be taken seriously.
Indeed, we learn that technically speaking the installation of spy chips is not really only a matter of conspiracy theory but rather a manipulation of technique, which any researcher in computer security specialized can easily do with simple tools to be procured such as a soldering iron and a chip costing only 2 dollars.
This article will also interest you: An iPhone cable can hack computers
If in fact the Bloomberg news agency has experienced a failure monumental with its history of Chinese fleas which would have been implanted to servers U.S. companies such as Apple and Amazon, the fact remains that approach is not entirely a simple theory. Because there was true. That's what seek to prove Monta Elkins, a professional in computer security who decided to take advantage of the Stockholm International Show (CS3sthlm) to demonstrate to the world that server motherboard hacking is possible by spy fleas.
The equipment used in his attempt to prove that his thesis is not merely a theory, is composed of a minimum kit such as a hot air welding station, a chip costing 2 dollars and a microscope. It is with this minimal equipment that our expert would like to demonstrate the ease with which it is possible to hack the targeted equipment if one can have physical access to it. This is probably the least elegant method, but it has the merit of efficiency according to him and on the cheaper side. "In the image of the motherboard of the "Cisco ASA 5505" firewall that researcher Monta Elkins chopped up, the chip can be seen under the motherboard. It would be an "ATtiny85" micro controller, an 8-bit "RISC" chip clocked at 20 MHz and carrying only 8 kilo bytes of flash memory.
This little chip of nothing at all would be according to our expert sufficient to give access to the target machine to any remote attacker. And while soldering iron professionals could argue that its implementation is detectable, Monta Elkins wanted to clarify that the chip had been knowingly placed in a visible location to be observable at the conference. Wired's reporters explained.
the researcher mentioned that for a more it is possible to use a smaller chip. He claims that he chose (ATtiny85) for its ease of being programmed and introduced under the electromagnetic shielding of the element concerned to pass more unnoticed: "We think it's magical, but it's not that hard as this," the IT expert told his Wired contacts: " I was able to do this in my basement. And there are plenty of smarter people than me, and they can do this for three times nothing."
From a technical point of view, the hacking of this expert tends a little towards that of a of his colleagues named Trammell Hudson, who managed to perform a piracy of a SuperMicro motherboard expiring in the manner described in the Bloomberg article while adding that "if you have money to put in, it's not a difficult task."
In other words, if the hacking described by the Bloomberg journalist has not been verified, the fact remains that implanting corrupt components for the purpose of spying on information system, especially industrial, is not something possible. Not only is it achievable but seems pretty easy for someone who has the basic skills. then one wonders for these different states that have enormous resources, what will happen?
Now access an unlimited number of passwords:
