Recently, a video has been circulating online claiming that certain USB-ethernet adapters may contain “malicious software” for surveillance purposes, possibly originating from China or Russia. However, a closer look reveals that the situation is not as alarming as it may seem.
The focus has been on the SR9900 chip manufactured by CoRECHIPS in Shenzhen, which is often mistaken for the Realtek RTL8152B released in 2013. One of the key points of contention has been an additional SPI Flash chip on the board of these devices, sparking conspiracy theories about its true function. However, further investigation by researcher Icamtuf has revealed that this flash chip is simply used to create a virtual CD-disk containing drivers that are automatically installed when the adapter is connected.
Examination of the SR9900 firmware tools has confirmed that the flash memory, with a capacity of 512 KB, houses an ISO image of 168 KB with Windows drivers. This practice was common during the time of the adapter’s release, when distributing drivers via CD-disk was standard.
While there is a theoretical possibility of devices with firmware being vulnerable to backdoors or malware, in this case, it appears to be a matter of outdated technology rather than a genuine threat. It serves as a reminder of how rapidly technology evolves and how practices once commonplace are now obsolete.