When you typically think of security hacks and probable malicious intent regarding your mobile devices, it usually boils down to your mobile device itself. An interesting find from Andrew Huang and Sean Cross from Bunnie Blog however, enlightens us on a hack that is possible on even your microSD cards. It isn’t limited to just the microSD cards though, as Huang and Cross state that the hack affects other types of flash memory as well. The blog post details exactly how the hack functions, and they even go on to explain the reasoning behind why the hack behaves how it does.
Flash memory can be potentially riddled with bugs and imperfections, which paves the way for such hacks to take place. Huang goes on to say that part of this is due in fact to a few things, including how cheap flash memory is to manufacture and acquire these days. In the simplest terms possible, the cheaper that flash memory becomes, the more unreliable it becomes, making it more susceptible to hacks or potentially dangerous attacks. The problem here lies in the unreliability of the flash memory. The manufacturers know that it’s unreliable and that it needs to be addressed. To do this they fix the issues with assistance from complicated software that is loaded onto tiny micro controllers that sit on the chip. The micro controllers contain firmware that is used to help with the fixes as well, and this is specifically what hackers take advantage of.
If the software and the micro controller both contain bugs, hackers can replace the default firmware that is used to help contain and fix the bugs, with malware that allows them to deliver a specific attack called a “man in the middle” attack. If your flash memory is affected by such an attack, it then proceeds to behave exactly how the hackers want it to, all the while you’re flash memory looks to be acting and functioning exactly as it should. Since there are no set security protocols to cover this type of attack, the only way to really get rid of it is to physically destroy the flash memory. There are more details on the structure of the microSD to better understand this vulnerability at the bunnie.blog post, and you can also check out the video below which does a detailed teardown of microSD cards at 30C3.