SRLabs are a security research and consulting think tank in Berlin. Our consulting work contributes to strategic technology projects at Fortune500 companies where we help in understanding and mitigating technology risks. Our security research presented at high-impact security conferences drives security evolution. Past research areas covered RFID, Mobile, and SIM card security. See research for other examples. Our young team is looking to grow in the following capacities.

Open Positions

Project Manager in Berlin

Associate IT Security Consultant in Berlin

Senior IT Security Consultant in Berlin

Your Application

We are looking forward to receiving your application — consisting of your CV and cover letter and including your preferred start date — at: recruiting@srlabs.de

This talk introduces a new form of malware that operates from controller chips inside USB devices. Peripherals can be reprogrammed in order to take control of a computer, exfiltrate data, or spy on the user. We demonstrate a full system compromise from USB and a self-replicating USB virus not detectable with current defenses.

This talk introduces a new form of malware that operates from controller chips inside USB devices. Peripherals can be reprogrammed in order to take control of a computer, exfiltrate data, or spy on the user. We demonstrate a full system compromise from USB and a self-replicating USB virus not detectable with current defenses.

This versatility is also USB’s Achilles heel: Since different device classes can plug into the same connectors, one type of device can turn into a more capable or malicious type without the user noticing.

Reprogramming USB peripherals. To turn one device type into another, USB controller chips in peripherals need to be reprogrammed. Very widely spread USB controller chips, including those in thumb drives, have no protection from such reprogramming.

BadUSB – Turning devices evil. Once reprogrammed, benign devices can turn malicious in many ways, including:

1. A device can emulate a keyboard and issue commands on behalf of the logged-in user, for example to exfiltrate files or install malware. Such malware, in turn, can infect the controller chips of other USB devices connected to the computer.
2. The device can also spoof a network card and change the computer’s DNS setting to redirect traffic.
3. A modified thumb drive or external hard disk can – when it detects that the computer is starting up – boot a small virus, which infects the computer’s operating system prior to boot.

Defenses?
No effective defenses from USB attacks are known. Malware scanners cannot access the firmware running on USB devices. Behavioral detection is difficult since behavior of an infected device may look as though a user has simply plugged in a new device. Blocking or allowing specific USB device classes and device IDs is possible, however generic lists can easily be bypassed. Pre-boot attacks may be prevented by use of a BIOS password and booting only to the hard drive.

To make matters worse, cleanup after an incident is hard: Simply reinstalling the operating system – the standard response to otherwise ineradicable malware – does not address BadUSB infections at their root. The USB thumb drive, from which the operating system is reinstalled, may already be infected, as may the hardwired webcam or other USB components inside the computer. A BadUSB device may even have replaced the computer’s BIOS – again by emulating a keyboard and unlocking a hidden file on the USB thumb drive.

Once infected, computers and their USB peripherals can never be trusted again.

More details are available in the slides of our talk at PacSec 2014. (An earlier version of the talk was presented at BlackHat 2014.) YouTube has a video of the BlackHat talk.

Proof-of-Concept. We are not yet releasing the modified USB controller firmwares. Instead we are providing a proof-of-concept for Android devices that you can use to test your defenses: BadAndroid-v0.2

Questions? – usb [you know what to put here] srlabs.de

USB has become so commonplace that we rarely worry about its security implications. USB sticks undergo the occasional virus scan, but we consider USB to be otherwise perfectly safe — until now.

This talk introduces a new form of malware that operates from controller chips inside USB devices. USB sticks, as an example, can be reprogrammed to spoof various other device types in order to take control of a computer, exfiltrate data, or spy on the user.

We demonstrate a full system compromise from USB and a self-replicating USB virus not detectable with current defenses.

We then dive into the USB stack and assess where protection from USB malware can and should be anchored.

Mobile networks should protect users on several fronts: Calls need to be encrypted, customer data protected, and SIM cards shielded from malware.

Many networks are still reluctant to implement appropriate protection measures in legacy systems. But even those who add mitigations often fail to fully capture attacks: They target symptoms instead of solving the core issue.

This talk discusses mobile network and SIM card attacks that circumvent common protection techniques to illustrate the ongoing mobile attack evolution.

Smartphones are migrating from lifestyle object to the epicenter of communication on the individual and societal level. Equipped with cameras and microphones and constantly connected to communication networks, the phones are also becoming an attractive target for spies and data thieves. The fear among smartphone users grows without their knowing if and how they are actually being attacked.

This talk aims to take the fear factor out of the smartphone security discussion: We explain how phone attacks work and which ones you should be worried about, what you should demand from your network operator, and how you can protect yourself. To further drive mobile security evolution, we introduce a crowdsourced way to measure mobile network protection around the world.

Security level.

Using fingerprints as credentials for local user authentication has two shortcomings when compared to passwords:

A. Limited revocation. Once a fingerprint gets stolen, there is no way to change it. To offset this high compromise penalty, fingerprints would need to be very hard to steal. However:

B. Credential spread. Users leave copies of their fingerprints everywhere; including on the devices they protect. Fingerprints are not fit for secure local user authentication as long as spoofs (“fake fingers”) can be produced from these pervasive copies.

Fingerprint spoofs.

Spoofs have been produced time and time again from images of latent prints – even while camping – and most recently by Starbug from the CCC to overcome the protection of an iPhone 5s.

Other current devices with touch and swipe sensors are equally duped by spoofs. This video shows how an iPhone 4s-taken photo results in a fingerprint-spoof that unlocks a Thinkpad laptop, a Fujitsu smartphone, and an iPhone 5s:

ID theft risk.

The iPhone 5s’s fingerprint sensor does not only appear to provide no additional protection, its use even undermines other security mechanisms. This video demonstrates how other flaws in iOS and iCloud are exposed that – when combined with Touch ID’s vulnerability to fingerprint spoofing – allow for online identity theft:

Remote authentication.

Fingerprint sensors still have a strong protection proposition: To provide a second (and third) authentication factor in remotely-executed transactions, such as authorizing money transfers. Modern fingerprint sensors can compare templates and scans on-chip – that is: protected from malware on the device – and conduct a strong cryptographic authentication to a web service. Industry seems to be determined to standardize such transactions.

An attacker would need to get access to three credentials: the banking password, the fingerprint sensor that stores an authentication certificate, and a spoof of the fingerprint that activates this certificate. For the most common miscreant, remote attackers, the latter two should be out of reach.

Evolution path.

Defeating local attackers is still of value even when the fingerprint only provides an additional authentication factor.

The iPhone 5s already moved slightly beyond the capabilities of earlier touch sensors: It provides a higher resolution image and – as far as initial experiments can tell – uses this higher resolution to match based on finer structures:

Low resolution fingerprint image, sufficient to create spoofs for older sensors

High resolution fingerprint image with clear features along the ridges, which newer sensors detect

Even these finer structures can be spoofed, for example based on an equally high resolution smartphone camera image, showing that some defense strategies only improve at the pace of the corresponding attack technique.

Fingerprint spoof prevention would better be based on intrinsic errors in the spoof-creation process or on fingerprint features not present in latent prints (and become much harder to steal). Examples of such spoof-detection features are air bubbles contained in the glue often used for spoofs (white dots in left image) and minute details that are visible through a fingerprint sensor but not in a latent print (black dots in right image).

Sensor read of spoof finger with white air bubbles, but fewer minute details

Sensor read of real finger with minute details but no air bubbles

Even by just comparing the density of white vs. black dots, sensors would challenge hackers to improve their spoofing techniques. The iPhone 5s, on the other hand, was defeated by techniques widely published years ago.

The measurements taken at the OHM workshops confirmed that more than a quarter of European SIM cards still disclose signed error messages, of which about half can be cracked due to their use of DES. Each crack takes about two minutes with a complete set of rainbow tables on a standard computer. (At OHM, cards were tested with an incomplete set resulting in a discount in the number of actually cracked cards.)

Network operators are encouraged to upgrade their cards to AES (or 3DES) or disable the OTA functionality of vulnerable cards before criminals are able to infect SIM cards with viruses.

The OHM2013 presentation on Exploiting SIM Cards provides details on the method, test results, and mitigation options.

With over seven billion cards in active use, SIMs may well be the most widely used security token in the world. Through over-the-air (OTA) updates deployed via SMS, the cards are even extensible through custom Java software. While this extensibility is rarely used so far, its existence already poses a critical hacking risk.

Cracking SIM update keys. OTA commands, such as software updates, are cryptographically-secured SMS messages, which are delivered directly to the SIM. While the option exists to use state-of-the-art AES or the somewhat outdated 3DES algorithm for OTA, many (if not most) SIM cards still rely on the 70s-era DES cipher. DES keys were shown to be crackable within days using FPGA clusters, but they can also be recovered much faster by leveraging rainbow tables similar to those that made GSM’s A5/1 cipher breakable by anyone.

To derive a DES OTA key, an attacker starts by sending a binary SMS to a target device. The SIM does not execute the improperly signed OTA command, but does in many cases respond to the attacker with an error code carrying a cryptographic signature, once again sent over binary SMS. A rainbow table resolves this plaintext-signature tuple to a 56-bit DES key within two minutes on a standard computer.

Deploying SIM malware. The cracked DES key enables an attacker to send properly signed binary SMS, which download Java applets onto the SIM. Applets are allowed to send SMS, change voicemail numbers, and query the phone location, among many other predefined functions. These capabilities alone provide plenty of potential for abuse.

In principle, the Java virtual machine should assure that each Java applet only accesses the predefined interfaces. The Java sandbox implementations of at least two major SIM card vendors, however, are not secure: A Java applet can break out of its realm and access the rest of the card. This allows for remote cloning of possibly millions of SIM cards including their mobile identity (IMSI, Ki) as well as payment credentials stored on the card.

Defenses. The risk of remote SIM exploitation can be mitigated on three layers:

1. Better SIM cards. Cards need to use state-of-art cryptography with sufficiently long keys, should not disclose signed plaintexts to attackers, and must implement secure Java virtual machines. While some cards already come close to this objective, the years needed to replace vulnerable legacy cards warrant supplementary defenses.
2. Handset SMS firewall. One additional protection layer could be anchored in handsets: Each user should be allowed to decide which sources of binary SMS to trust and which others to discard. An SMS firewall on the phone would also address other abuse scenarios including “silent SMS.”
3. In-network SMS filtering. Remote attackers rely on mobile networks to deliver binary SMS to and from victim phones. Such SMS should only be allowed from a few known sources, but most networks have not implemented such filtering yet. “Home routing” is furthermore needed to increase the protection coverage to customers when roaming. This would also provide long-requested protection from remote tracking.

Diagnosis. The SRLabs open source tool SIMtester provides in-depth SIM security diagnosis using a PCSC-reader. It is also available as part of the GSMmap live system.

This research was presented at BlackHat on Jul 31st and at the OHM hacking camp on Aug 3rd 2013

Questions? – simsec [you know what to put here] srlabs.de