During the CanSecWest international conference in Vancouver, members of ANSSI (French Network and Information Security Agency) described how an attacker could remotely take full control of a particular network card model.
The presentation was entitled “Can you still trust your network card?”. The talk explained how an attacker could be able to exploit a flaw to run arbitrary code inside some network controllers (NICs). The attack uses routable packets delivered to the victim’s NIC. Consequently, multiple attacks can be conducted including: Man in The Middle attacks on network connections, access to cryptographic keys on the host platform, or malware injection on the victim’s computer host platform.
The purpose of this presentation, detailed in a press release , is mainly to attract the attention of onboard code developers on the importance of making high-quality developments.
