42.1 C

Your SSD might be subjected to Over-provisioning malware

Researchers in Korea discovered a weakness in SSDs that allows the malware to infect an SSD’s empty over-provisioning partition directly. This makes the malware practically immune to security countermeasures, according to BleepingComputer.

Over-provisioning is a function found in all current SSDs that extends the SSD’s built-in NAND storage life and improves its performance. Overprovisioning results in a lot of vacant storage space. However, it allows the SSD to ensure that data is spread evenly across all NAND cells by shuffling data to the over-provisioning pool when needed.

While the operating system — and hence anti-virus solutions — are intended to be unable to reach this region, this new malware can infiltrate it and utilize it as a base of operations. Two attacks based on the over-provisioned space were designed by Korean academics at Korea University in Seoul. The first shows a vulnerability in the SSD that targets invalid data (data that has been erased in the OS but not physically cleaned).

To get access to more potentially sensitive data, the attacker can increase the size of the over-provisioned data pool to provide the operating system with more space. As a result, when a user tries to erase more data from the SSD, the excess data stays physically intact.

- Advertisement -TechnoSports-Ad

To tackle the first assault scenario, the researchers recommend designing a pseudo-erase method that physically deletes data on an SSD without harming real-world performance.

What is Malware Signal Hero refresh Your SSD might be subjected to Over-provisioning malware

To fight the second assault type, it is advised that a new monitoring system be implemented that can closely monitor the over-provisioned size of the SSDs in real-time. Furthermore, unauthorized access to SSD management tools that can change over-provisioned sizes should be protected by more robust security mechanisms.

Thankfully, these techniques were devised by researchers rather than being found as a result of a real-world attack. However, an attack like this might very well occur, thus SSD makers should begin correcting these security flaws as soon as possible before someone exploits them.

- Advertisement -TechnoSports-Ad

also read:

Intel surprises all by re-designing the stock cooler of its Alder Lake CPUs



Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Nivedita Bangari
Nivedita Bangari
I am a software engineer by profession and technology is my love, learning and playing with new technologies is my passion.



Related Stories

More from author

The list of Airtel SMS packs as of June 19, 2024

Check out the list of Airtel SMS packs, including costs and validity information. We have shared a list of Airtel SMS recharge plans that...

The Best Recharge Plan for Jio as of 19th June 2024

Best Recharge Plan for Jio in 2024: The Ultimate Guide In the past few months, Jio has introduced and tweaked a slew of new...

My Jio Recharge Plans as of June 19, 2024: Top trending plans from Jio

My Jio Recharge Plans: Since its establishment in 2016, Reliance Jio has made a remarkable impact on the Indian te­lecommunications industry. The company has...

HBO Max in India: Here’s how you can watch the service using VPN (June 14)

HBO Max in India might launch soon but still, we cannot deny that we want to enjoy our favourite HBO shows as soon as...