Presented at
DEF CON 22 (2014),
Aug. 10, 2014, 11 a.m.
(60 minutes).
In this talk we present an open source hardware version of the NSA's hardware trojan codenamed WAGONBED. From the leaked NSA ANT catalog, WAGONBED is described as a malicious hardware device that is connected to a server's I2C bus. Other exploits, like IRONCHEF, install a software exploit that exfiltrate data to the WAGONBED device. Once implanted, the WAGONBED device is connected to a GSM module to produce the NSA's dubbed CROSSBEAM attack. We present CHUCKWAGON, an open source hardware device that attaches to the I2C bus. With the CHUCKWAGON adapter, we show how to attach an embedded device, like a BeagleBone, to create your own hardware implant. We show how to add a GSM module to CHUCKWAGON to provide the hardware for the CROSSBEAM exploit. We improve the WAGONBED implant concept by using a Trusted Platform Module (TPM) to protect data collection from the target. The talk will demonstrate how these features can be used for good, and evil!
Presenters:
-
Teddy Reed
- Security Engineer
Teddy Reed is a security engineer obsessed with network analysis and developing infrastructure security protections. He has held several R&D positions within US laboratories with focuses on enterprise security defense, system assessments, and system and hardware emulation.
-
Josh Datko
- Founder, Cryptotronix, LLC
Josh Datko is the founder of Cryptotronix, an open source hardware company that designs and manufactures security devices for makers. After graduating from the U.S. Naval Academy, Josh served on a submarine where he was the radio communication officer and manager of the key management program. While an embedded software engineer for a defense contractor, he was recalled back to active duty for a brief tour in Afghanistan. In June, he completed his Master's of Computer Science from Drexel University with a focus on systems, security, and privacy. He founded Cryptotronix in 2013. Twitter: jbdatko
Links:
Similar Presentations: