
Locking Hands: Ransomware Meets Bioimplants

BSides Las Vegas · Duration 34:16 · Published 2025-12
About this talk
Identifier: ZRBTVS
Description:
- "Locking Hands: Ransomware Meets Bioimplants"
- Introduces LockSkin, an educational ransomware targeting NFC bioimplants.
- Explores the risks and realities of ransomware applied to bioimplants.
- Raises awareness of emerging threats in human-technology interfaces.
Location & Metadata:
- Location: Common Ground, Florentine F
- Date/Time: Monday, 10:00–10:45
- Speaker: Mauro Eldritch
Transcript [en]

Hey, good morning everybody. Welcome to BSides Las Vegas Common Ground. Ready to get the first talk of the day kicked off. First thing, we'd like to thank our sponsors, especially our diamond sponsors Adobe and Aikido, and our gold sponsors Formal and Drop Zone. Their support, along with the donors and volunteers, makes this event possible. Please make sure your cell phones are set to silent as a courtesy to our speakers and everybody around you. Quick reminder: our photo policy prohibits taking pictures without explicit permission from everybody in the frame. Talks are being recorded and will be available on YouTube after the event. So now let's set the tone for BSides Las Vegas 2025 the right way. Our first speaker is no stranger to this world. He's an Argentine hacker who is a DEF CON veteran, hitting the stage more than a dozen times, and a pioneer in the threat intelligence and biohacking community. Today he's taking us into uncharted territory, where ransomware doesn't just threaten your files, it threatens your body. This is the future of cyber risk. You are about to hear it from one of the sharpest minds in the field. Let's make some noise for Mauro Eldritch. [applause]

>> Hi everyone. Thanks for coming to my talk. Thanks for choosing my talk. I know it's early, so I won't get too technical or too boring. First of all, this talk is about an experiment. It started as an experiment with our friends, just like everything good starts, and I will tell you how we designed this kind of malware for bio implants. We are going from the basics, from what's an implant, what's ransomware, until all the problems we faced and all the things that we discovered on the way. First of all, this talk has a co-speaker, Emanuel, who was not available to come here today due to a cryptographic incident in his hand, not related to this talk. We both work at the same DC, which covers Argentina and Uruguay, and we work at the same startup that we founded ourselves.

So first of all, this talk is basically on how to build a small ransomware for bio implants. We will, again, go from zero to hero. We try to cover everything, and we found something very funny, which is that most people who are interested in bio implants, usually after injecting it, do not place a password, or place a very easy to guess one like 000000, 1234, their year of birth and so on. And this is something that we took to our advantage. We actually haven't exploited anything in bio implants. It's all basic user misuse. As a small trigger warning, when you see this symbol here, it means that the next slide may contain needles, injections, surgical material or X-rays. We won't show blood, body fluids, anything that will be violent. It's just medical material. But I know that maybe some of you are sensitive to it, so it's nice to have this prior warning.

So let's start with the most basic things. I won't get too technical on this part; I want to make it friendly for everyone. Most of us already know what ransomware is. It's a malicious software that encrypts something like your files, your storage, your machine, your virtual machines, your cloud instances, and will ask you for a payment in order to give you back your files. If you don't pay, you won't get them back. So the new part on this is: what are bio implants? Bio implants are small subdermal devices. This means that they go under your skin. They are inserted with a syringe and they have different capabilities, from RFID identification, NFC and so on. They have no need for an external power source, so the reader itself, when you interact with your implant, will power the implant to be able to be used. This X-ray is actually mine, from my right hand. This is the implant we will use in this talk. They are typically injected. You don't need a surgical procedure. You only need someone to inject it in your hand and you're good to go. Most of them are able to be used right away after being injected; there's no need for anything else. The recovery process is quite easy to undergo.

And common uses for this kind of implant are two: access control and object interaction. For access control, I mean that you can actually access, via a specific reader, your laptop, your cars. There are people unlocking Teslas with a specific implant. They have been used also to unlock smart homes, other devices and even weapons. You know, certain weapon grips were custom modified to be able to recognize the implant, and if the implant is not present the trigger will be locked out, so you won't be able to fire. Also there are other appliances, home appliances, from smart safes to other things that could make use of this implant. Actually, anything that you can open with an NFC card or token or tag could be manipulated very easily to be able to be used with an implant. Now, since all my DC have implanted Dangerous Things implants, we will talk about these models. Again, we are not attacking the implant. We are not exploiting a vulnerability. We are not saying that Dangerous Things is actually vulnerable, but it's actually what we have in my DC in South America to use.

So we resorted to researching, focusing on these models. There are different models. Some only include RFID, some include only NFC, some can also be used to open, as I said before, the Tesla cars and also to generate OTP, you know, the codes that you can generate with Google Authenticator, for example, or other token-generating applications. And there are some cooler ones that actually include certain things like LED lights, like the one that you can see here. Every time you read it, you will power not only the chip, but you will also power an LED light in a different color. There are other models that include thermal sensors and that can be used also for contactless payments. And again, to read or to write to it or to interact with it, you need a reader. This reader can be a dedicated reader that you can buy from different manufacturers, or a phone, for example.

Now here comes the question: how do I prevent someone from reading my implant? You can place a password to avoid that. How do I stop someone from overwriting my implant with something that I don't want to be written to it? With a password. But what happens if somebody actually writes something nasty to my implant and locks it out? And you might ask yourself, well, who could do that? And we were drunk enough to try it out. So in this chapter, we will try to develop the solution to encrypt the implant. Excuse me. But as you will see on the next slide, in this field we found more problems than answers. So all this chapter is dedicated to problems. We had lots of problems. The first one was that there was no API, no application to interact with the implants yet. So we had to draft it from scratch. And in order to draft an API for such a thing, you need to actually understand how they work. There was plenty of documentation, but it wasn't enough for us to understand. So we had to do some kind of things that you will see here. [snorts]

First, for this experiment, we'll use an xNT implant from Dangerous Things that has NFC and RFID capabilities. We will only focus on the NFC part. When you try to read it, it will read just like any other NFC tag. You will see the contents, you will see the serial number, you will see if it is password protected, and all kinds of information. Now, when you read the implant, you will see that the memory pages are actually named. They have a name after them. You will see here we have UID, int, lock, OTP, data, password, config and so on. We are only interested in three. Since we are trying to lock it out, we are interested in three things. Where is the password stored? Where is the data stored? Because we want to write something nasty on it. And also, we want to avoid breaking the implant. There's a special register called lock that if you activate, or if you write to it, you will actually freeze the implant in place. Whatever is written is written for good. It doesn't matter if you have the password. It doesn't matter if you are the manufacturer. It doesn't matter what tool you have on your side. The tag is no longer able to be rewritten once again. So if I write "Mauro" and just activate the lock page, "Mauro" is the content that will be there forever. Since we are not monsters, we want to avoid touching that register.

So we had to understand the contents of the implant from zero to 100% before starting to write things. The other two entries that we are interested in are data, because we want to write data to the implant, and password, because that's where the password is stored. We also need to understand how the password is stored. And that's one of the biggest problems today that we have with implants, because the implant has a super, super reduced size, and a super reduced size allocated for the password: just four bytes. And here's when you say, "But that's actually not true, because I tried writing a super long password to my implant and it worked." And yes, and that's because every single application that you have will apply a specific function to the password that you have. For example, it will hash it with MD5. From that hash, it will take the last four bytes or the first four bytes and will apply it as the password. That way, you still retain the password in your memory, but the implant has a special version, a reduced version of the password inside. This means that the function that is applied by the application is proprietary, and we found it the hard way. So it's proprietary. The application that encrypts is the only one in the world that will decrypt that password, because it will be the only one to apply the exact reverse function, to say, "Yeah, I remember that I used MD5, and then from MD5 I took the last four bytes, and I put the last four bytes." But if you try with another application, it will say, "Yeah, I hash three times with SHA-1 and then take the first four bytes." So even if the password is the exact same one, it won't match. We found it the hard way after breaking a couple of tags. So remember this: the application that locks is the very same that unlocks. This is the first law of bio implants, here, at least on this talk.

So after learning this, and after learning lots of lessons the hard way, we developed the first API to work with bio implants. This API just does what you can see on this menu. It will get the implant information. It will read the contents, both raw and the NDEF message, and will write content to the implant without being able to lock anything out. If you use this version, this API, you won't be able to break anything. It's safe to use. You are able to read, to write, to do whatever you want. Why did you say this?

>> Your peach juice has not arrived yet, but I brought some pineapple. We'll get you the peach later.

>> Thank you. [laughter] I asked for juice.

Okay. So, what's the point of reading the implant, the raw implant? The point is to understand where things are stored. Again, the documentation was pretty good, but we are not so smart as to understand every single thing on this super niche application. So this is how it works. It will give us all the implant information and dump all the contents byte by byte. It's like using the dd utility on BSD. It will dump everything byte by byte. And this is the original content of the implant.

Now this is where the hard part begins. I had my implant with the content, let's say with a string "Mauro" stored. The very same implant, encrypted with password 1234: I dumped the contents and kept them in a place. I then unlocked the implant and dumped the memory, and I started comparing them. What's the difference between this very same implant with the very same string when it's encrypted versus when it's not encrypted? And we started finding. We were using Revit's AI intern, I think it's the AA model, to compare both of them, and it told me, well, the differences are here, here and here, and these are the contents. We managed to learn where the password is stored and how it was stored, but there were other pieces of memory that we still had to nail down, what they were up to, what was the meaning, because remember, if we flip the wrong byte we will lock the implant for good. We were still having that risk of locking the implant for good, and I don't want to be with something under my skin locked forever saying something, you know, stupid. And after trying different passwords, you know, easy passwords, 1234, 000000, 99999, we started nailing down the memory positions that changed when you encrypt the implant. And so we came out with this kind of atrocity, because if the world needs something new, it's more ransomware. That's exactly what the world needs, more malware. And that's a joke, actually. Don't take it seriously.

So we added on top of this API the capabilities to write a specific string as the content and to add a specific password that you define in the config file. Give me a second. Now, this window is cut in half because I want to highlight something specific. We are working with an ACR1252 reader, which is actually the only thing we can get in my country. It's pretty bad, actually. But if this worked on that reader, it will work on almost anything. That's something good. [snorts] Another lesson learned the hard way. And we have the information on the implant, and then we have the new payload that we will write: "Your implant has been encrypted. Visit our site - ransom."

Now there's a problem. You will say, "Mauro, this ransom note is kind of short. This is small. It doesn't say too much. You don't put a crypto wallet. You don't put an onion website. What kind of ransomware and what actor are you?" And this is the new problem that we are facing. When you want to read or write large chunks of data on implants, or on any NFC tag, the implant must be exposed to the reader all the time. If you cut the reading process (this is my implant, this is the reader), if you cut that process, all of what you are doing goes to waste. It stops, and you run the risk of harming the implant. So we had to reduce the communication as much as possible, because nobody will stay with his hand over the reader for five seconds. It's not a real case. So I had to save on space as much as possible. So that's why the ransom note seems to be short, but it actually writes a lot of pages to the implant. See, it wrote from page 4 to 19. And when you see this as a raw dump, you will see that the ransom note is not that short. You can compare on the second picture that it says the raw value "Your implant has been encrypted", but the payload below is a little bit bigger. The payload actually has 60 bytes: 55 bytes is the ransom note and the other four bytes are the password that we put there.

And here comes the problem. We already have a working solution. We already have something that works. But you still... Oh, sorry. This is normal. It's time for the demo. But before, you know that there's a misconception that when working with NFC, the contact must be perfect, total. You must be perfectly placed against the reader, making full contact, with no distance, with no obstacles. And that misconception comes from people working mostly with things like transport cards, you know, that since it's something super thin, you need to be careful to place it over the reader, to keep it there, to even push it a little bit. But actually we found out that implants, and the readers that we were using, resisted a lot of obstacles. Give me a second so I can set this up for you. This one, I will take the sound off; I will speak over it. This is one of the first tests we did with this reader. You know, if you place the implant, it will just absolutely read. There's no problem with it. But what happens when you place obstacles? And by obstacles, I mean folding [snorts] a paper, a semi-plastic paper, over and over again and trying to read it on top. Surprisingly, it actually works. You don't have to be perfectly fit. It doesn't have to be perfectly aligned. It has some difficulties, but it actually reads. And you say, "Okay, what does this have to do with the experiment?" Because let's take a look once again at the reader. Give me one second. See this reader? See the size? There's no way we are going to hide this anywhere. It's super big. There's no way somebody by accident will stumble across the reader and put their hands on it. So we have to invent something, something smaller, something that looks not so suspicious.

And here comes our second idea. After sawing off lots of things in my home, after tearing apart joysticks, microphones and things, we found out that the best answer to our prayers was a doorknob. And not any doorknob, a Bor knob. Bouldor knobs had the perfect grip for the implant. Look at my hand. This is the knob. You do this, that's perfectly aligned. And also, if you lock it somehow, or if you make it hard to twist, the person will remain touching it. But here comes the problem. We can't fit that giant monstrosity inside the doorknob. So we have to build another encryptor, a homemade one. And our prayers were answered with these two chips, the PN532 and the ESP32. As you can see, there's some wiring to be done, but this is not the end of the problem. The ESP32 and ESP8266, the one in the back, actually do not support Python, the language in which LockSkin is written. It actually needs to be rewritten in MicroPython, which is a micro version of Python. And even if that's a micro version, we have a problem. These two chips have really, really low memory. So we have to tear down lots of functions. We have to make everything fit into the smallest possible. It's like code golfing on steroids. So I told you, this talk is all problem after problem after problem. And this is how I end up here, because I have these ideas and I have to do this kind of thing. Not complaining.

And we have to put this small reader inside a doorknob. This is a Chinese-manufactured one. Actually, that little green ring that you see, it's a recycled metal part from, you know, those kinds of things that you rub when you are sick. Well, kind of, from a Chinese manufacturer. This is not metal. This is actually plastic. So it works to our advantage. I was about to sand it a little bit from the inside, but it worked on the first try. The problem is, to be fully honest with you, it's hard to align this chip inside the doorknob. So I had to use some, you know, advanced manufacturing techniques.

I basically took Play-Doh and started putting Play-Doh, you know, plastic, all around until it stood in place, but it worked. Now, oh sorry, there's some wiring to be done, as you can see in this diagram. The problem is the ESP won't fit along with the chip inside the door. So we have to wire it and put it on the other side of the door. And here's the problem. If we want to wire it and we want to put it across the door, we have to drill through, because there is this bolt in the middle of the lock that won't allow us to pass cables through. So I had to drill the lock, and in the process I destroyed it. So it ended up being fixed in place. It won't twist again. But well, it worked for the PoC. Normally, in a normal situation, I would have just drilled a socket in the door, placed the ESP, the battery and the wiring inside, all on the inside, and covered it with, you know, a poster or whatever. But I had already sawed off half of my house. I tore apart half of my electronics. I was going to be evicted. So everything was sawdust. I woke up in soda. Soda. Sawdust. Sodas everywhere. I was covered with sodas for days. So I decided to make the best thing I could make: a candy cane with a small thermo-retractable cable, those cables that you just pass a lighter over and they will shrink. And it's the best I could come up with. This is from the inside. You know that it's still super visible, I know, but it's what works. Now comes a first testing. We will test the encrypting speed on the thick, I call it thick client, you know, the big reader, and then we will go to the door. Give me a second so I can switch this window.

So here what we will try to see is the speed and reliability of the locking process, the encrypting process. So I set up the reader, I set up LockSkin in the background in that shell. I always try to read it first. It says "Mauro". We will now reconnect the reader and run LockSkin. And then we will try to count how many seconds it takes to fully lock down. Give it a second. It's now listening. It opens a listener and will lock anything that you place in its reach. It won't stop after one locking cycle. It will try to encrypt as much as possible. And in just a fraction of a second it was able to write that ransom note, and automatically the reader recognizes it as locked and puts up the ransom note. So in theory, on the big machine with a big reader, it works. It's now time to test it on the doorknob.

And here comes yet another problem. If any of you have worked with the ESP32 or 8266 in the past, you may know that aside from the memory limitations, we have another problem: how to access the microcontroller? There are two ways. One via USB cable: you use an application like screen or anything, and you connect to it and dump the contents. It's like a debug mode. But the USB port is being used by a battery, because we need to power these things up. So that's not an option. The second one is that we have a Wi-Fi connection. There's a Wi-Fi chip inside the ESP32 and 8266. But in order to access it, you need to write a sort of API, and I was running super out of space. I didn't have space to place MicroPython, LockSkin and also to draft an API to access it. So I ended up doing something kind of nasty, which is: the last encryption cycle will be saved to a txt file, only the last one, because we don't have more space, and we'll connect via Wi-Fi to an endpoint called dash, called /last or /last lock, I can't remember, and it will just cat the file to the one requesting it. So you will be able to see that the implant got encrypted, but there's no way, unless you have physical access, to actually interact with the locker. This is something I will work on in a newer version.

Let me show you. Before jumping to this demo, let me explain to you what's happening here. This is my beautiful laboratory door. And in the terminal that you see on top, that is pasted on, I wrote a small Ruby script that will just do like wget or curl, you know, cURL, to the ESP32 to see if there's something written in the last log. When I place the hand it should encrypt and tell, okay, yeah, I have a last running cycle that went through, and these are the output messages. It will try to run 10 times. Trying means, um, doorknob. It will try to contact the port, and you see that it is still trying. I try a little bit. I fiddled with it and there it is. It sent it. Sorry, no, it didn't send it. It wrote the last log from the locking process to the ESP memory, and a MicroPython API will just fetch that file and say, hey, this is the last running cycle I had. As you can see, this doesn't have color. It doesn't have full information, because I tried to fit as much as possible in such a super small space that actually it worked, but it has lots of functions that have been cropped out of this final micro version.

And so with this, this was all fun and logs until we have to decrypt the things. And when we jumped into this part was when we found out that we had actually broken a lot of tags, not implants, just tags, because the function we wrote was hard to reverse back. We ended up calling it a day and discarding the tags, but luckily no implants were harmed during this experiment. [snorts]

So we created a decryptor for LockSkin, which actually just sends raw NFC commands to decrypt it back. So if you have implants and a friend who is not so used to doing good jokes and encrypts you, there's always a way back to decrypt it. We are not using any hashing or proprietary function. We just place the password raw, just the number. So you will always be able to decrypt whatever this kind of monstrosity does to you. So in this case we place 1234, and you see that the authentication command is always 1B, and the code for 1234, and the reset command to reset the implant. That's it. You just run the decryptor. Let's say 999, sorry, 9944. Same once again: the authentication command is 1B 39393434 and the reset command, which is kind of universal for this. You can use any application to unlock LockSkin, because again we are not using any proprietary function. You will always be able to go back from the damage done. And of course, don't try this on something that you're not willing to lose in case something goes wrong, because anything can go wrong. Your writer could just mess up in the middle. Something could get disconnected. Any component could get fried in the middle of the process. So use it on something that you're not looking forward to losing but that you are accepting to lose. And you can even place it, in certain applications, as a small app or small command, and you can always bring it back to life this way.

Now, what have we learned from this, aside from that I shall not saw off anything any longer in my house? New threats: these innovations always bring new attacks or faces. If someone invents something, there's always someone behind that person that will try to play with it, break it or repurpose it, and this is actually something good. New technologies: we are not quite fond of using AI ourselves; we haven't quite jumped onto that train so far. Not bashing on it, just we don't quite like it. But honestly, all the reverse engineering process was super accelerated by comparing the memory dumps from different implants using this AI model. We actually like it, and it actually changed a little bit how we see AI to be used on this. And new precautions: when you exit, do not use that doorknob. Just push the door with the foot. I hope that you have liked this talk. I know that there are lots of things to improve in next versions. We will try to work out a brute forcer, because we know people put... This only attacks non-password-protected implants, but actually we know that some people place, you know, weak passwords, 1234, 000000. We tried to include it in this release, but again, MicroPython, lack of space, we weren't able to actually place more routines to start brute forcing, and it would also require more exposure from the person, you know, grabbing the knob. And let's be honest, it doesn't look good. If you see somebody just grabbing a doorknob for 10 seconds, it's not realistic. So I hope you liked it. If you have any questions, feel free to ask here, or we can follow it up later if you want. Those are my socials, and my friend Emanuel, who was my co-speaker and co-worker on this too. Thank you. [applause]

Thank you.

>> Hey, does anybody have any questions for Mauro?

>> Yeah. Go ahead.

>> Test, test, test. Yeah. Did you experiment at all... First of all, great talk. This is super, super interesting to me. I've done a lot of stuff with NFC recently and kind of had a very similar journey with trying to figure out the password protection and writing raw commands and stuff like that. Did you experiment at all with the locking pages, the static and the dynamic locking pages that you find in, like, NTAG216, 215, 213, etc.? Or did you only work with the password protection section?

>> When dealing with implants, always password protect only, because we didn't want it to be left with something inside the skin locked. But yeah, we broke a lot of tags in the process trying to, you know, narrow down, well, this is the dangerous area. We should not play with this one, or at least on this model, from this page onwards, beware. From this page backwards, beware. We know it's some place between these ones. Not always we managed to narrow down which pages were the dangerous ones, but we had a sort of a general idea of do not touch that. So it costs money. Every time you touch this, this costs money.

>> I had the same experience. All right. Thanks.

>> Thank you.

>> Anybody else have any questions? All right. Well, hey, thank you guys. Let's give another round of applause here for Mauro Eldritch.

>> Thank you everyone. [applause]

>> That is a killer way to start day one, talk one, of BSides Las Vegas. This is truly cutting-edge stuff. If this sets the tone for the rest of the con, I am super stoked. Guys, we've got about 5-10 minutes until the next talk comes in. Go out, get some water, stretch, make a new friend, and everybody enjoy BSides 2025. Thank you.
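Added example, written for this page and not taken from the talk (LockSkin itself is not published here). It puts the three things the talk circles around into runnable Python: the PWD_AUTH frame the decryptor sends (command byte 1B followed by the 4-byte password, so "9944" becomes 1B 39393434 as shown on the slide), the "application that locks is the one that unlocks" problem (two hypothetical MD5-truncation schemes yield different 4-byte passwords from the same passphrase), the dump-diff step used to find which pages change when a tag is password-protected, and a write planner that refuses to touch the lock pages that would freeze the tag for good. Assumptions: the page layout is the NTAG216 layout from the NXP datasheet (the talk calls the implant an xNT and does not name its chip); the two truncation schemes are stand-ins for the app-specific functions the speaker describes, not any real app's algorithm; both memory dumps are constructed, not captured from a tag.

```python
"""NTAG21x PWD_AUTH framing, app-side password truncation, dump diffing and
a lock-page-aware write planner. Added example; not the speaker's LockSkin code.
Layout constants follow the NXP NTAG216 datasheet (assumption: the implant is
NTAG216-based; the talk does not say)."""
import hashlib

PAGE_SIZE = 4
NTAG216_PAGES = 231                  # pages 0x00..0xE6
USER_FIRST, USER_LAST = 0x04, 0xE1   # user memory (NDEF data lives here)
STATIC_LOCK_PAGE = 0x02              # bytes 2-3: static lock bits, one-way
DYNAMIC_LOCK_PAGE = 0xE2             # dynamic lock bits, one-way
CFG0_PAGE, CFG1_PAGE = 0xE3, 0xE4    # AUTH0 = byte 3 of E3, ACCESS = byte 0 of E4
PWD_PAGE, PACK_PAGE = 0xE5, 0xE6     # write-only: a real tag reads them back as zeros
PWD_AUTH = 0x1B                      # command byte the talk shows as "always 1B"

# Writing either lock page freezes whatever is on the tag, password or not.
DANGEROUS_PAGES = frozenset({STATIC_LOCK_PAGE, DYNAMIC_LOCK_PAGE})


def derive_pwd(passphrase: str, scheme: str) -> bytes:
    """Reduce a passphrase to the 4-byte PWD the tag actually stores.
    'md5-first4' / 'md5-last4' are HYPOTHETICAL app schemes illustrating why two
    apps disagree; 'raw' is what the talk's decryptor does (ASCII bytes as-is)."""
    if scheme == "raw":
        pwd = passphrase.encode()
        if len(pwd) != 4:
            raise ValueError("raw scheme needs exactly 4 bytes")
        return pwd
    digest = hashlib.md5(passphrase.encode()).digest()
    if scheme == "md5-first4":
        return digest[:4]
    if scheme == "md5-last4":
        return digest[-4:]
    raise ValueError(f"unknown scheme {scheme!r}")


def pwd_auth_frame(pwd: bytes) -> bytes:
    """PWD_AUTH frame as handed to the reader (the reader appends CRC_A itself)."""
    if len(pwd) != 4:
        raise ValueError("NTAG21x PWD is exactly 4 bytes")
    return bytes([PWD_AUTH]) + pwd


def diff_dumps(before: bytes, after: bytes) -> list[int]:
    """Page numbers whose 4 bytes differ between two full-memory dumps."""
    if len(before) != len(after) or len(before) % PAGE_SIZE:
        raise ValueError("dumps must be the same whole-page length")
    return [p for p in range(len(before) // PAGE_SIZE)
            if before[p * PAGE_SIZE:(p + 1) * PAGE_SIZE]
            != after[p * PAGE_SIZE:(p + 1) * PAGE_SIZE]]


def plan_write(payload: bytes, start_page: int = USER_FIRST) -> list[tuple[int, bytes]]:
    """Split a payload into 4-byte page writes; refuse anything outside user memory,
    so a note that grows too long can never spill into the lock/config pages."""
    pages = []
    for i in range(0, len(payload), PAGE_SIZE):
        page = start_page + i // PAGE_SIZE
        if page in DANGEROUS_PAGES or not USER_FIRST <= page <= USER_LAST:
            raise ValueError(f"refusing to write page {page:#04x}")
        pages.append((page, payload[i:i + PAGE_SIZE].ljust(PAGE_SIZE, b"\x00")))
    return pages


def constructed_dumps() -> tuple[bytes, bytes]:
    """CONSTRUCTED before/after dumps: an unprotected tag versus the same tag after
    password protection from page 4 onward. PWD/PACK stay zero in both, as they
    would on a real tag, so the diff surfaces the config pages, not the password."""
    before = bytearray(NTAG216_PAGES * PAGE_SIZE)
    before[CFG0_PAGE * PAGE_SIZE + 3] = 0xFF     # AUTH0 = 0xFF: nothing protected
    after = bytearray(before)
    after[CFG0_PAGE * PAGE_SIZE + 3] = 0x04      # AUTH0 = 0x04: protect page 4 onward
    after[CFG1_PAGE * PAGE_SIZE + 0] |= 0x80     # ACCESS.PROT: reads need auth too
    return bytes(before), bytes(after)


if __name__ == "__main__":
    print(pwd_auth_frame(derive_pwd("9944", "raw")).hex().upper())     # 1B39393434
    print(derive_pwd("hunter2", "md5-first4"), derive_pwd("hunter2", "md5-last4"))
    print([hex(p) for p in diff_dumps(*constructed_dumps())])           # ['0xe3', '0xe4']
    print(len(plan_write(b"Your implant has been encrypted. Visit our site - ransom")))
```

The planner is the check the talk's tag losses argue for: a 55-byte note from page 4 lands on pages 4 through 17, while 889 bytes would reach page E2 and is refused outright rather than written. The diff deliberately shows AUTH0 and ACCESS changing and nothing at E5/E6, because the password pages are write-only on NTAG21x; if a dump tool appears to show a password there, it is the tool's own annotation, not tag memory.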