Marius Muench
Dr.Marius Muench is an assistant professor at the University of Birmingham. His research interests cover (in-)security of embedded systems, binary & microarchitectural exploitation, and defenses. He obtained his PhD from Sorbonne University in cooperation with EURECOM and worked as a postdoctoral researcher at the Vrije Universiteit Amsterdam. He developed avatar2, a framework for analyzing embedded systems firmware, and FirmWire, an emulation and fuzzing platform for cellular basebands.
Throughout his career, Marius publicly shared his findings and presented at venues such as Black Hat, DEFCON, Reverse.io, REcon, and Hardwear.io.
Session
This talk shows our 4-year long journey of investigating SIM-originating attacks. We discovered multiple vulnerabilities across a myriad of devices ranging from phones to car chargers. The highlighted attacks include privacy leaks, corrupted memories in basebands, lockscreen bypasses and other logic bugs allowing us to control modems in unexpected ways.
Beyond these attacks, we discuss the tooling we built along the way and provide an outlook into the future research of this attack surface.