Internal LTE/3G modems can be hacked to help malware survive OS reinstalls
With their own dedicated processor and operating system, LTE/3G modems built into new business laptops and tablets could be a valuable target for hackers by providing a stealthy way to maintain persistent access to an infected device.
In a presentation Saturday at the DEF CON security conference in Las Vegas, researchers Mickey Shkatov and Jesse Michael from Intel’s security group demonstrated how a malware program installed on a computer could rewrite the firmware of a popular Huawei LTE modem module that’s included in many devices.
The module runs a Linux-based OS, more specifically a modification of Android, that is completely independent from the computer’s main operating system. It’s connected to the computer through an internal USB interface, which means that it could be instructed to emulate a keyboard, mouse, CD-ROM drive, network card, or other USB device. Those would appear connected to the primary OS.