Author Topic: USB Phishing  (Read 265 times)

ukgimp

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 1948
    • View Profile
USB Phishing
« on: October 04, 2018, 07:57:24 AM »

Travoli

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 685
    • View Profile
Re: USB Phishing
« Reply #1 on: October 04, 2018, 03:27:29 PM »
I wonder if similar cables have/will show up on AMZ? Better start buying name brand again.

ergophobe

  • Inner Core
  • Hero Member
  • *
  • Posts: 4448
    • View Profile
Re: USB Phishing
« Reply #2 on: October 04, 2018, 04:19:14 PM »
Was it Incredibill who was always saying that insecurity is baked into the actual USB spec, meaning that if it meets the spec, it can do horrible things? It's the Universal in Universal Serial Bus that makes them dangerous, not a "flaw" in the protocol as with most security issues.

https://www.us-cert.gov/ncas/tips/ST08-001

Quote
The key to this problem is the design goal that USB devices could do many different things. For example, a USB flash drive with malicious firmware could function as a USB keyboard. When you connect it to your computer, it could send keyboard-press actions to the computer as if someone sitting at the computer were typing the keys.
https://www.howtogeek.com/203061/don%E2%80%99t-panic-but-all-usb-devices-have-a-massive-security-problem/

martinibuster

  • Inner Core
  • Full Member
  • *
  • Posts: 118
    • View Profile
    • Email
Re: USB Phishing
« Reply #3 on: October 05, 2018, 06:36:24 AM »
Sounds like something incredibill would have said.

Wow, that quote literally made me shout, "Oh sh##!"

I just remembered that the Stuxnet virus that infected Iran's nuclear facility was introduced via a USB stick.

https://en.wikipedia.org/wiki/Stuxnet