hacking News - CNX Software - Embedded Systems News

Update 16/02/2023: The LUNA board has been renamed to Cynthion, but the gateware framework continues to be called LUNA. Several USB hacking/debugging boards were launched in 2020 either based on microcontrollers or FPGA with the likes of Tigard (FTDI FT2232HQ), Ollie (STM32F042), Glasgow Interface explorer (Lattice Semiconductor iCE40), or Protocol Droid (STM32). All those were launched on Crowd Supply, and there’s now another one with LUNA “multi-tool for building, analyzing, and hacking USB devices” based on a Lattice Semiconductor LFE5U-12F ECP5 FPGA that raised over $100,000 in a few days. Cynthion hardware specifications: FPGA- Lattice Semiconductor LFE5U-12F ECP5 FPGA with 12K LUTs System Memory – 64 Mbit (8 MiB) RAM for buffering USB traffic or for user applications Storage – 32 Mbit (4 MiB) SPI flash for PC-less FPGA configuration USB – 3x High-Speed USB interfaces, each connected to a USB3343 PHY capable of operating at up to 480 Mbps. […]

A few years ago I wrote about the danger of “juice jacking” highlighting the security risks posed by USB charging in public places, where a bad actor could attempt to hack your phone or laptop to steal your precious data or install malware/ransomware. In most cases, there are no risks at home, but it’s when you charge your device in a public place notably an airport or train station that you could be at risk of hacking. If you’re using an Android phone, there’s an easy way to detect Juice Jacking, and whether something fishy is going on as shown in the screenshots below. On the left screenshot, I connect my phone to a USB charger, all that changed was the battery icon changed to show it’s charging. But on the right screenshot, I connected my smartphone to my laptop, and since it’s trying to access data, I’m offered three […]

hacking

Cynthion board enables USB Hacking through Lattice ECP5 FPGA (Crowdfunding)

Security Tip – How to detect Juice Jacking on Android smartphones