In a revealing study of the hardware industry, PenTestPartners expert Jack Barradell-Johns has exposed the fraudulent practices behind high-capacity SSDs sold at incredibly low prices on Aliexpress.
This security researcher set out to investigate how these devices, which promise capacities such as 32 TB for just over $25, manage to convince less informed and trusting buyers.
The initial down payment on these high-capacity SSDs is tempting for any user looking for an exceptional deal. Packaged with the appearance of quality and promises of performance, these products are deceptive at first glance, however, according to Barradell-Johns research, the reality is very different.
When connecting one of these SSDs to the PC, Windows initially detects and displays a capacity of 32 TB, seeming to confirm the legitimacy of the product. But to verify the veracity of this capability, Barradell-Johns used a crude but effective methodology, repeatedly copying a 500 MB file until the disk was full.
This is where the deception was discovered, as the SSD was only able to store 97.5 GB before reaching its limit, suggesting that there was direct tampering with the SSD’s firmware.
The expert revealed that they use sophisticated techniques such as logical block addressing (LBA) alteration, partition table forgery, and creation of fake metadata. These practices trick the operating system into incorrectly interpreting the device’s capacity, displaying a figure much higher than it can physically store.
Disassembly of the SSD revealed a small PCB that houses a Micro-SD card reader and a connecting USB port. This discovery confirms that the device does not have the advertised capacity of 32TB of native storage, but instead relies on a Micro-SD card to simulate this capacity through firmware tricks.
This case illustrates the risks inherent in purchasing technology products on unregulated e-commerce platforms. Aliexpress, known for its low prices and the presence of unverified sellers, is fertile ground for this type of fraud.
Barradell-Johns warns about the importance of due diligence when purchasing products online, especially when it comes to critical storage devices that promise exceptional capabilities at prices that are too good to be true.
Player buys a new RTX 4090, but suffers when he sees that it overheats for weeks for no reason, and when he disassembles it he sees that the GPU did not come complete
A Reddit buyer has revealed a serious problem with his new Palit RTX 4090 graphics card, purchased for more than $1,000. According to user kentukky, who shared his experience on the pcmasterrace subreddit, the GPU had overheating problems since its acquisition, which seriously affected its performance.
Given the lack of help from technical support, described by kentukky as insufficient and uncooperative, he decided to investigate on his own. It was then that he discovered the cause of the problem when disassembling the graphics card: the thermal pads necessary for effective heat transfer were not installed.