MicroSD cards vulnerable to hacks, might also apply to SSDs

A recent security disclosure shows that MicroSD cards contain a security vulnerability. The same hack also applies to other devices based on NAND flash memory, such as USB sticks and SSDs. The vulnerability resides in the microcontrollers that manage the NAND flash memory. These controllers contain error-correcting algorithms which take care of any bad NAND flash memory cells.

Because of how flash memory works, the memory degrades over time, which would result in read and write errors if the controllers didn't correct data stored in erroneous cells. In addition, some of the sensitive memory cells get damaged during manufacturing.

The controllers which contain the error-correcting logic only add about $0.15 - $0.30 to the cost of a microSD card, which is likely cheaper than quality control of the flash chips. Hackers have now revealed how these microcontrollers can be hacked. Two security researchers showed how they could execute arbitrary code on the controller in a demonstration during the Computer Chaos Congress, currently held in Berlin, Germany.

By sending a certain command to the microSD card controller, it became possible to put the controller into the mode in which it is normally open to receive firmware updates. Once in this mode, the controller accepts code from the outside world, and the hackers exploited this to run their own software on the card.

The hackers claim that their hack could be used, for example, to modify the secure erase function in such a way that the data isn't really deleted from the card, but criminals or secret services might find other ways of 'benefiting' from the exploit.

The entire security disclosure can be found here.