Sub_Umbra
Flashlight Enthusiast
These Grey Hats loaded flash drives with trojans and just dropped them around and hoped employees would find them and plug them into the target network to see what was on them. Full Story Here
Social Engineering, the USB Way
- Thread starter Sub_Umbra
- Start date
Help Support Candle Power Flashlight Forum
drizzle
Enlightened
Wow! That's pretty scary. In fact it is really a how to for information thieves. It's not at all like the latest virus that can be analyzed and guarded against. There is no anti-human-nature software out there.
KevinL
Flashlight Enthusiast
Wow....
This would be tremendously hard to resist doing even for myself, although I would have plugged it into an off-net machine. Still, even that would have been bad enough.
It's worse if they set it up for autorun (which IS truly evil), and then the people would be screwed by just plugging it in.
But this is not so dissimilar from a problem that used to be pretty bad - just putting an virus infected floppy disk into your computer was enough to trash it. USB drives are the logical successor to floppies...
This would be tremendously hard to resist doing even for myself, although I would have plugged it into an off-net machine. Still, even that would have been bad enough.
It's worse if they set it up for autorun (which IS truly evil), and then the people would be screwed by just plugging it in.
But this is not so dissimilar from a problem that used to be pretty bad - just putting an virus infected floppy disk into your computer was enough to trash it. USB drives are the logical successor to floppies...
idleprocess
Flashaholic
linked article said:
Emphasis added. That last sentence suggests that there was an application the users ran ... either an executable (the fools!) or something designed to look like an image that used some vulnerability to run code.
I have to agree with KevinL - autorun is a downright vile thing from a security perspective ... it silently executes with permissions at least as good as the user's (perhaps greater with the right exploit).
Last edited:
bwaites
Flashlight Enthusiast
It would have worked even better if they had also used a "you screwed up" screen that 24 hours after they plugged in froze their computers until someone with a management password unlocked.
A big "You remember that USB drive you plugged in yesterday? Well it just shut you down. You must now contact manangement for a new password to reset your system."
That would have been VERY scary for the employee and a lesson not soon forgotten!
Bill
A big "You remember that USB drive you plugged in yesterday? Well it just shut you down. You must now contact manangement for a new password to reset your system."
That would have been VERY scary for the employee and a lesson not soon forgotten!
Bill
AlexGT
Flashlight Enthusiast
That is scary clever!
tvodrd
*Flashaholic* ,
Thanks for the headsup! If I find a USB drive on the sidewalk without the owner's "contact" on it, I'm gonna STOMP it! 
Larry
Larry
IsaacHayes
Flashlight Enthusiast
My "contact me if lost" on my USB is in a .txt file.....
eluminator
Flashlight Enthusiast
If someone wants to drop a nice big fast SD card around here, I wouldn't mind. I disable autorun anyway, just to protect my sanity.
KevinL
Flashlight Enthusiast
Same for CF. However, I would format it first..... in a UNIX box
