We X-Rayed a Suspicious FTDI USB Cable

Summary

We recently got an industrial X-ray machine in the Eclypsium office to use to make the next Doctor Manhattan do serious cybersecurity research. In between X-raying yet-to-be-released industrial IT technologies on behalf of giant companies whose names we cannot reveal, we have done some other fun experiments. One thing we’ve done with it so far was to X-ray some FTDI USB-to-UART cables.

We had an old cable lying around that seemed a little suspicious and dysfunctional. It worked at slow speeds but it failed when transferring firmware images from a product. These failures drove us to purchase the known good cables from DigiKey, which worked as expected.

It is possible that this older cable came from a factory which also produced older generations of authentic FTDI cables, but this particular chip didn’t meet the performance requirements for the FTDI brand. Or maybe it was just a production run based on stolen FTDI IP. Or it is actually completely unrelated to any FTDI IC but has been programmed to claim to be FTDI in software. Unless we could match the silicon exactly to a known supply chain, we can really only speculate. In any case, we wanted to see the difference between the suspicious cable and a newer, more obviously “legit” one that cost about $20 from DigiKey.

It is not a stretch to assume that a suspicious-looking cable is a counterfeit. FTDI has publicly announced issues with counterfeit devices. They have even fought back with drivers which brick counterfeit chips. Some people have even referred to this as vendor-sanctioned malware.

Here’s what the two cables look like to the naked eye:

Take a look at the two X-ray images below and see if you can tell which one is suspicious, and which one is authentic. Then scroll down and we’ll tell you what we see. Before we tell you the answer, here are some clues to look out for in each picture.
The authentic cable has the following features visible in the X-Ray image, not shared with the suspicious cable: Ground pou...

First seen: 2026-01-25 00:53

Last seen: 2026-01-25 09:54