Easy Security Hack: Cracking Firewalls Using Spy Chips

a username and password.

A cybersecurity expert has demonstrated a way to implant spy chips into popular hardware that is so cheap that anyone with US$200 can easily do it. (Image: Screenshot via YouTube)

A cybersecurity expert has revealed a way to secretly implant spy chips in popular hardware products and it’s so cheap that anyone with US$200 can easily do it. Monta Elkins from the security firm Foxguard will be presenting his work at the CS3sthlm security conference this month.

The spy chip

“To create his tiny spy chip, Elkins used a 5 mm Square ATtiny85 chip commonly found on a Digispark Arduino board. He first wrote his hacking code into the chip before removing it from the board and transferring it to a Cisco ASA 5505 firewall. He chose a spot on the Cisco motherboard that would allow the chip to access the firewall’s serial port without needing any additional wiring,” according to Tech Times.

Subscribe to our Newsletter!

Receive selected content straight into your inbox.

Though Elkins could have chosen a smaller chip, he decided to go with ATtiny85 since it was easier to program compared to others available on the market. The chip also could have been hidden more subtly than what Elkins demonstrated. However, he wanted to show the chip’s placement at the conference, which is why it was placed in a relatively easy-to-spot location.

ATtiny85 was programmed in a way that it would carry out the attack as soon as the firewall booted up. “It impersonates a security administrator accessing the configurations of the firewall by connecting their computer directly to that port. Then the chip triggers the firewall’s password recovery feature, creating a new admin account and gaining access to the firewall’s settings,” according to Wired.

The spy chip was placed on the motherboard of the firewall and programmed so that it would carry out the attack as soon as the firewall booted up.
The spy chip was placed on the motherboard of the firewall and programmed so that it would carry out the attack as soon as the firewall booted up. (Image: Screenshot via YouTube)

What is scary is that while the hacker gains control of the network, the administrator won’t even be aware of it. The hacker gets the power to change the firewall configuration any way he wants. By applying reverse engineering, it is possible to reprogram the firewall’s firmware in such a manner that it becomes a full-featured toolset to spy on every aspect of the network.

Elkins wanted to show organizations how easy it is for hackers to gain access to their entire IT network with a minimal budget. He warns that there are people far smarter than he is who can use these methods in a much more dangerous way. Add to it the fact that serious hackers might have more cash and resources at their disposal and the possibility that such spy chips might end up doing significant damage to corporations is significant.

Bloomberg report

Elkins’ spy chip hack comes a year after Bloomberg’s controversial report that suggested Chinese spies were implanting chips in Amazon and Apple servers. Apple did not take to the story kindly, with CEO Tim Cook flatly calling it a lie. Subsequent investigations into the subject by third-party groups also sided with Apple. The fact that Bloomberg was not able to show even one motherboard that contained a spy chip made the claim unbelievable for most security experts.

Elkins’ spy chip hack comes a year after Bloomberg’s controversial report that suggested Chinese spies were implanting chips in Amazon and Apple servers.
Elkins’ spy chip hack comes a year after Bloomberg’s controversial report that suggested Chinese spies were implanting chips in Amazon and Apple servers. (Image: Screenshot via YouTube)

However, Bloomberg has neither retracted its story nor admitted that some parts of it may be false. The story was awarded the ‘Most Over-hyped Bug’ prize as part of the Pwnie Awards, a series of awards given by the security community at the BlackHat USA conference. Though, if proven to be true, organizers agreed that the story would be one of the biggest computer security stories of the year or even the decade.

Follow us on TwitterFacebook, or Pinterest

Recommended Stories

The tower in Kaiyuan Temple with cherry blossoms.

Historical Tale From China: Murong Yanchao Outsmarts a Swindler

During the Later Han Dynasty (947-950), Yunzhou’s leading commander, Murong Yanchao, was celebrated for his ...

A basket of eggs.

Reviving the Simple Long-Lost Art of Roasting Eggs

Roasting eggs is probably the most ancient way of cooking eggs. About 1 million years ...

A closeup view of jail cell iron bars casting shadows on the prison floor.

Successful Entrepreneurs in China Lose Everything Overnight on Trumped-Up Charges (Part 2)

Mr. Yang said persecuted entrepreneurs like him are too numerous in his home province and ...

A polar ring galaxy.

Astronomers Have Discovered a Rare ‘Polar Ring Galaxy’ Wrapped in a Huge Ribbon of Hydrogen

A galaxy can come in many shapes and sizes, from giant, slowly rotating ovals and ...

Mr. Yang.

Successful Entrepreneurs in China Lose Everything on Trumped-Up Charges (Part 1)

Mr. Yang, one of China’s highly successful entrepreneurs now living in exile, recounted how he ...

besenwirtschaft

Besenwirtschaften Explained: Learn More About the Broomstick Inns

Many cultures have their unique seasonal practices, and among these are the Besenwirtschaften. While the ...

Double rainbow over a field of yellow flowers with a tree in the background.

The Power of Emotional Healing in Traditional Chinese Medicine

“The heart’s ailment requires the heart’s remedy,” remarked Zhang Jingyue, a renowned physician from the ...

Sad girl sitting alone.

6 Tips for Successful Emotional Healing

There can be times when you experience some intense emotional pain or trauma that has ...

Engraved illustration of men surrounding Abraham Lincoln on his deathbed.

The Mystery of Spirit Photography: The Lincoln Photo and Beyond

Mary Todd Lincoln, wife of American President Abraham Lincoln, had her photo taken in 1872. ...

Send this to a friend