DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
October 16, 2018 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 271 people online.

 

Latest Reviews
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
 

Follow us
RSS
 

Bloomberg: Hacked Ethernet connectors found in Supermicro servers

Posted on Tuesday, October 09 2018 @ 21:56:51 CEST by


Late last week, Bloomberg reported about a Chinese spy chip that was allegedly found in SuperMicro servers. Not a lot of hard evidence was provided and now the news agency doubles down with a new claim that a U.S. telecom firm discovered a manipulated Ethernet connector in Supermicro hardware.

Security expert Yossi Appleboum, co-CEO of Sepio Systems, claims they discovered a tiny computer inside a modified Ethernet connector:
Appleboum said one key sign of the implant is that the manipulated Ethernet connector has metal sides instead of the usual plastic ones. The metal is necessary to diffuse heat from the chip hidden inside, which acts like a mini computer. "The module looks really innocent, high quality and 'original' but it was added as part of a supply chain attack," he said.

The goal of hardware implants is to establish a covert staging area within sensitive networks, and that's what Appleboum and his team concluded in this case. They decided it represented a serious security breach, along with multiple rogue electronics also detected on the network, and alerted the client's security team in August, which then removed them for analysis. Once the implant was identified and the server removed, Sepio's team was not able to perform further analysis on the chip.
The report alleges that there are many points in the supply chain in China where manipulations to hardware can be introduced. In a written statement, Supermicro claims they have no knowledge of any unauthorized components and have not been informed by any customers that such components have been found. Appleboum claims Supermicro isn't the only one impacted by this sort of supply chain attack.



 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2018 DM Media Group bvba