Abstract
This paper investigates the critical intersection of fault injection techniques and the supply chain, unveiling a previously overlooked threat vector in both consumer and enterprise devices. Focusing on the ubiquitous Chromecast with Google TV, we demonstrate that malicious actors can exploit vulnerabilities within the eMMCs through fault injection, introducing malware into the supply chain undetected. This research exposes a new dimension of security risks associated with the manufacturing and distribution processes of widely used consumer electronics.
Our primary focus centers on the Chromecast (and other Amlogic devices) eMMC fault injection, privilege escalation, and persistence methods.
#FaultInjection #SupplyChainSecurity #Chromecast #securityresearch
Know more - nullcon.net/be...
---------------
Follow Nullcon on Facebook: / nullcon
X: / nullcon
LinkedIn: / posts
Website: nullcon.net/
Негізгі бет Nullcon Berlin 2024 | Fault Injection And The Supply Chain - Nolen Johnson and Jan Altensen
Пікірлер