Side-channel attacks target Mr. Robot

This entry was posted on Tuesday, February 16th, 2016.

This past summer, Engadget’s Violet Blue compiled a list of the top Mr. Robot hacks. These include deanonymizing Tor traffic, the installation of an Android rootkit, compromising an HVAC system using a Raspberry Pi, Bluetooth and text message spoofing, as well as the deployment of a keystroke-injection attack tool.

MR. ROBOT -- "eps1.4_3xp10its.wmv" Episod 105 -- Pictured: Christian Slater as Mr. Robot -- (Photo by: David Giesbrecht/USA Network)

Episode 5, “3xpl0its.wmv,” which aired on July 22nd, 2015, also featured proximity card cloning. As Blue describes:

“In a cafe, Mr. Robot clones a Steel Mountain employee badge using a device in his backpack. This may have been something from Bishop Fox, whose Francis Brown presented research on badge cloning at Def Con 21 (‘Live Free or RFID Hard,’ 2013). Still, there are a number of devices that do this, and a Proxmark 3 would be Mr. Robot’s most likely tool choice here.”

According to Swati Khandelwal of Hacker News, skilled RFID hackers have “repeatedly” used various side channel attack methods to steal information and secret cryptographic keys. Of course, devices such as smartphones, tablets and laptops also contain cryptographic keys tasked with protecting payments, VPN/network connections and on-device flash memory.

While some mobile devices include basic countermeasures, many lack sufficient protection and can therefore be easily compromised. Indeed, even a simple radio is capable of gathering side-channel information by eavesdropping on frequencies emitted by mobile devices and cards.

Although the second season Mr. Robot storyline remains a closely guarded secret, one can’t help but wonder if additional side-channel attacks and hacks will make their way into the wildly popular show. It would also be interesting to see how the show runners may choose to portray various side-channel countermeasures, particularly if the authorities becomes more involved in trying to combat the fictional fsociety.

Indeed, as creator and showrunner Sam Esmail recently told The Hollywood Reporter, Evil Corp won’t remain the sole antagonists of fsociety. “Now we’re dealing with a much larger issue, and I think the law enforcement, in some way, will make a presence in season two, which I think is an interesting new group of characters to explore,” Esmail added.

Perhaps not surprisingly, a number of Robot hacks have actually occurred in reality, ranging from compromised PLC devices to malware-packed USB sticks dropped in parking lots to tempt unsuspecting victims.

“The show gets people on a certain wavelength when they realize oh, my webcam really can be used to spy on me,” Kor Adana, a writer for the hit series, told a cyber-security conference in January. “And maybe I shouldn’t just blindly accept a CD from a street peddler. [Robot] illustrates the very real risks for the average person. An increased level of paranoia is clearly a good thing in this landscape. It comes along with the territory, because we know how to exploit these vulnerabilities.”