Archives for dm-crypt

Hard Drive Firmware Implant IRATEMONK

Here is yet another one of the NSA’s firmware implants which can be used to replace your current hard drive’s firmware. This allows the NSA to gain complete control of your hard drive and through the use of other exploits they would be able to gain complete access to your system.   What It Is IRATEMONK is a firmware implant that replaces your current hard drive’s firmware and is used as a backdoor into your system. IRATEMONK gains execution through the Master Boot Record (MBR) substitution. IRATEMONK supports the following hard drive vendors: Western Digital, Seagate, Maxtor, and Samsung. IRATEMONK
Read More

Categories: Information Technology, IT Security, and Preston Hood.

Cold Boot Attacks

Some of you might have heard about an attack called a cold boot attack. This attack is a side channel attack that is performed by stealing the encryption keys out of a systems DRAM and/or SRAM that has an encrypted hard drive. How It Works A cold boot attacks are pretty simple to preform, but for the group of people who figured it out, it was no walk in the park. The reason cold boot attacks work is because usually none of the information that is stored in your RAM is encrypted and therefore the attackers are able to gain
Read More

Categories: Information Technology, IT Security, and Preston Hood.