« previous next »
Pages: [1]

Author Topic: USB Phishing  (Read 2502 times)

ukgimp

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 2241
    • View Profile
USB Phishing
« on: October 04, 2018, 07:57:24 AM »
Logged

Travoli

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 1205
    • View Profile
Re: USB Phishing
« Reply #1 on: October 04, 2018, 03:27:29 PM »
I wonder if similar cables have/will show up on AMZ? Better start buying name brand again.
Logged

ergophobe

  • Inner Core
  • Hero Member
  • *
  • Posts: 9280
    • View Profile
Re: USB Phishing
« Reply #2 on: October 04, 2018, 04:19:14 PM »
Was it Incredibill who was always saying that insecurity is baked into the actual USB spec, meaning that if it meets the spec, it can do horrible things? It's the Universal in Universal Serial Bus that makes them dangerous, not a "flaw" in the protocol as with most security issues.

https://www.us-cert.gov/ncas/tips/ST08-001

Quote
The key to this problem is the design goal that USB devices could do many different things. For example, a USB flash drive with malicious firmware could function as a USB keyboard. When you connect it to your computer, it could send keyboard-press actions to the computer as if someone sitting at the computer were typing the keys.
https://www.howtogeek.com/203061/don%E2%80%99t-panic-but-all-usb-devices-have-a-massive-security-problem/
Logged

martinibuster

  • Inner Core
  • Full Member
  • *
  • Posts: 180
    • View Profile
    • Email
Re: USB Phishing
« Reply #3 on: October 05, 2018, 06:36:24 AM »
Sounds like something incredibill would have said.

Wow, that quote literally made me shout, "Oh sh##!"

I just remembered that the Stuxnet virus that infected Iran's nuclear facility was introduced via a USB stick.

https://en.wikipedia.org/wiki/Stuxnet
Logged
Pages: [1]
« previous next »