This Recon 2014 talk presents a firmware attack on an off-the-shelf hard drive. The implemented backdoor is capable of exfiltrating any data stored on the hard drive, through a network connection, without any modification of the system’s operating system or software. The talk laid out how the hard drive’s firmware is designed, and how the backdoor can interact with the firmware, and then explain how the backdoor can be remote-controlled, p. ex., through an installed web server.
HDD Firmware Backdoor
admin
July 4, 2014