Your SSD might be subjected to Over-provisioning malware

More From Author

See more articles

Myntra Upcoming Sales 2025: Your Fashion Calendar for Maximum...

Myntra Upcoming Sales 2025 In the ever-evolving world of fashion e-commerce, Myntra continues to be India's go-to destination...

India CEOs Dominating Global Companies: From Microsoft to Chanel...

India-origin executives are redefining global leadership, with 226 leaders of Indian origin now heading the world's most...

Full Form IT in 2025: What are the best...

Full Form IT: The Best Guide IT stands for information technology in its entire form. Computers are utilised...

Researchers in Korea discovered a weakness in SSDs that allows the malware to infect an SSD’s empty over-provisioning partition directly. This makes the malware practically immune to security countermeasures, according to BleepingComputer.

Over-provisioning is a function found in all current SSDs that extends the SSD’s built-in NAND storage life and improves its performance. Overprovisioning results in a lot of vacant storage space. However, it allows the SSD to ensure that data is spread evenly across all NAND cells by shuffling data to the over-provisioning pool when needed.

While the operating system — and hence anti-virus solutions — are intended to be unable to reach this region, this new malware can infiltrate it and utilize it as a base of operations. Two attacks based on the over-provisioned space were designed by Korean academics at Korea University in Seoul. The first shows a vulnerability in the SSD that targets invalid data (data that has been erased in the OS but not physically cleaned).

To get access to more potentially sensitive data, the attacker can increase the size of the over-provisioned data pool to provide the operating system with more space. As a result, when a user tries to erase more data from the SSD, the excess data stays physically intact.

To tackle the first assault scenario, the researchers recommend designing a pseudo-erase method that physically deletes data on an SSD without harming real-world performance.

What is Malware Signal Hero refresh Your SSD might be subjected to Over-provisioning malware

To fight the second assault type, it is advised that a new monitoring system be implemented that can closely monitor the over-provisioned size of the SSDs in real-time. Furthermore, unauthorized access to SSD management tools that can change over-provisioned sizes should be protected by more robust security mechanisms.

Thankfully, these techniques were devised by researchers rather than being found as a result of a real-world attack. However, an attack like this might very well occur, thus SSD makers should begin correcting these security flaws as soon as possible before someone exploits them.

also read:

Intel surprises all by re-designing the stock cooler of its Alder Lake CPUs

Source

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

━ Related News

Featured

━ Latest News

Featured