- Oct 23, 2012
- 12,527
Five researchers from the University of Michigan have published a research paper in which they provide the technical concept of a hidden backdoor introduced not in software, but at the hardware level, where it is difficult to detect.
The scientists describe their backdoor as a rogue component hidden in the chip's thousands of similar components. Most of these work as on/off switches, "on" being a binary 1 and "off" being a binary 0, the basic code for all digital devices.
The rogue component, instead of turning on or off, like a transistor, would work as a capacitor, a wolf in sheep's clothing. The capacitor would store energy with every new command it receives.
Backdoor activates only when running malicious code, and then turns off
The researchers say that malicious code can be targeted at that area of the chip. The code can be hidden inside a JavaScript file on a website you visit, inside a ping your computer receives via the Internet, inside a malicious software you installed yourself, or even malware that secretly infects your PC.
This malicious code starts the capacitor's loading process, and after a certain threshold is reached, can direct the system into switching into a privileged execution mode.
Attackers can the run code on your device, PC, tablet, or smartphone, with system-level privileges. When the attacker stops the malicious code, the capacitor loses all charge, and the backdoor automatically closes itself.
The scientists describe their backdoor as a rogue component hidden in the chip's thousands of similar components. Most of these work as on/off switches, "on" being a binary 1 and "off" being a binary 0, the basic code for all digital devices.
The rogue component, instead of turning on or off, like a transistor, would work as a capacitor, a wolf in sheep's clothing. The capacitor would store energy with every new command it receives.
Backdoor activates only when running malicious code, and then turns off
The researchers say that malicious code can be targeted at that area of the chip. The code can be hidden inside a JavaScript file on a website you visit, inside a ping your computer receives via the Internet, inside a malicious software you installed yourself, or even malware that secretly infects your PC.
This malicious code starts the capacitor's loading process, and after a certain threshold is reached, can direct the system into switching into a privileged execution mode.
Attackers can the run code on your device, PC, tablet, or smartphone, with system-level privileges. When the attacker stops the malicious code, the capacitor loses all charge, and the backdoor automatically closes itself.
![[correlate]](/data/avatars/s/79/79653.jpg?1556985072){kind=avatar}
