zlacker

1. bri3d+(OP) 2025-09-28 16:53:21
Wasn’t the implant supposedly (illogically) implanting custom BMC firmware? This actually always struck me as a somewhat unbelievable part of the story: why install a hardware implant when you could just clip the flash chip and implant something without a physical trace?
replies(2): >>wmf+z1 >>dlcarr+b71
2. wmf+z1 2025-09-28 17:05:22
>>bri3d+(OP)
Flash can always be reflashed (you'd lose the implant if the customer does any firmware update) but a separate implant chip can remain infected forever.
replies(1): >>bri3d+oa
3. bri3d+oa 2025-09-28 18:10:39
>>wmf+z1
That’s fair - the first thing I’d put in my implant firmware would be a fake firmware updater, but I suppose trading guaranteed persistence for physical detection would be a reasonable tradeoff in some places.
4. dlcarr+b71 2025-09-29 03:46:53
>>bri3d+(OP)
The Bloomberg article specifically mentioned the attack occurring through the addition of extra hardware:

    “In early 2018, two security companies that I advise were briefed by the FBI’s counterintelligence division investigating this discovery of added malicious chips on Supermicro’s motherboards,” said Mike Janke, a former Navy SEAL who co-founded DataTribe, a venture capital firm. “These two companies were subsequently involved in the government investigation, where they used advanced hardware forensics on the actual tampered Supermicro boards to validate the existence of the added malicious chips.”