The in-HardwareTiny Spy Chips that you can make for only $200

David Linder
Oct 18, 2019 · 4 min read
ILLUSTRATION: CASEY CHIN; GETTY IMAGES

Last year Bloomberg Businessweek made the claim that Supermicro motherboard has been stealthily implanted with a chip the size of a grain of rice, to allow Chinese hacker to spy on the network, the same motherboards used by Apple and Amazon. A lot of people said this was fake news. Supermicro, Apple & Amazon all denied the report, NSA dismissed it as fake news, and the Defcon hacker conference even gave the report an award for ‘most epic fail’. Until now, no follow-up report as confirmed the possibility that is might actually be true.

Before we go into the specifics of the actual chip (that does exist), lets first look at some of the facts. The NSA, have already been doing supply chain attacks for years according to information leaked by Edward Snowden. Security experts say that a device like this is just oh so possible, and should not be dismissed so easily.

“It’s not magical. It’s not impossible. I could do this in my basement.”

MONTA ELKINS, FOXGUARD

Going even further than just stating it is possible, security researcher Monta Elkins has proved this, by showing how any motivated hacker, even with minimal skill could pull this off with shoestring budget. No need for state-sponsored spy agency backing or secret government technology to pull this off.

Elkins will demonstrate at the CS3sthlm security conference this month how he created the hardware in his basement with just $200 worth of equipment. Although the exact process has not yet been revealed, Elkins did state the equipment used was a $40 microscope, $150 soldering tool, and a bunch of $2 chips, all ordered online.

“Basically anyone who’s an electronic hobbyist can do a version of this at home.”

Monta Elkins

Better, it can be invisible, the chip created would be undetectable by most IT systems and would give the hacker deep control. Here is how the chip looks in real life:

PHOTOGRAPH: MONTA ELKINS

Ok, the example above may be slightly bigger than the gain of rice that Bloomberg claimed, this chip is smaller than the fingernail on your pinky finger. The ATtiny85 chip is just 5millimeteres square. This chip requires no extra wiring, in the image above Elkins soldered it directly onto an inconspicuous spot on the motherboard of a Cisco ASA 5505. A smaller chip could have been used, but the ATtiny85 is easier to program so it is more appealing to less skilled hackers. Elkins could have also hidden the chip more covertly, inside one of the radio-frequency shielding cans on the board, for example, but the placement above was chosen because the chip needed to be visible to show at the CS3sthlm conference.

In this example, the tiny undetectable chip was programmed to carry out an attack as soon as the firewall is booted up. It acts as a port directly to that system and gains full access to the firewall and even acts as a security administrator. This firewall setting can offer the hacker remove access to the device and the hacker than then do whatever it likes, including disabling the security features.

This isn’t new either, in a conference last December Trammel Hudson mimics the methods of the Chinese hackers, as reported by Blumberg Business, a built a proof of concept Supermicroboard with a tiny reprogrammable malicious chip. Hudson did this by replacing a tiny resistor chip with a chip of his own, enabling him to edit the data coming in/out of the BMC in real-time! Exactly like Bloomberg reported.

This chip was only a proof of concept, and it is still (only slightly) noticeable, as the original chip was 1.2 millimetres square, and Hudson's replacement spy chip was 2.5 millimetres square, slightly bigger. But a for an adversary who wanted to spend money on this, a custom chip could have been created a custom chip that is the same size, making it much more stealthy.

Photo: Trammell Hudson

But what makes Elkins hack far more impressive is how it’s just as effective and dangerous, but requires very little skill and even less funding, a $2 chip that can be hidden totally!

Supermicro said in a statement:

“There’s no need for further comment about false reports from more than a year ago,”

Elkins and Hundson both stress that a supply-chain hijacking via hardware-based espionage is a very real reality. A reality that is easier to carry out than most people realise.

If I can do this, someone with hundreds of millions in their budget has been doing this for a while.

Monta Elkins

The Startup

Get smarter at building your thing. Join The Startup’s +787K followers.

By The Startup

Get smarter at building your thing. Subscribe to receive The Startup's top 10 most read stories — delivered straight into your inbox, once a week. Take a look.

By signing up, you will create a Medium account if you don’t already have one. Review our Privacy Policy for more information about our privacy practices.

Check your inbox
Medium sent you an email at to complete your subscription.

David Linder

Written by

Founder of ProductMafia.com winning dropshipping products uploaded daily.

The Startup

Get smarter at building your thing. Follow to join The Startup’s +8 million monthly readers & +787K followers.

David Linder

Written by

Founder of ProductMafia.com winning dropshipping products uploaded daily.

The Startup

Get smarter at building your thing. Follow to join The Startup’s +8 million monthly readers & +787K followers.

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store