Watch Out for Conference “Freebies”

For those of you that use the freebie USB memory sticks and other computer peripherals given away at conferences, you should read an interesting article in The Register yesterday. I write this as I look at a few used memory drives I have laying around, so I am in the same boat.

According to the article, a security company was hired to try and break into a client’s firewall without detection, but they weren’t allowed to use social engineering tactics (like a phone call with tech support or phishing) nor were they allowed to have physical contact with the client’s computer system to gain entry. They had to think up another way to break in without setting off alarms.

To get around these barriers, the company came up with an  ingenious  idea: a mouse laden with hidden tools that would allow the company to have access without the client knowing. The mouse’s internal system was reconfigured, and a hidden memory drive inside was designed to disable the security detection software in the computer and ensure that no notification was given to the user. They were able to get the user to install the mouse by sending it to an employee disguised as some type of special freebie promo.

Now, I obviously wouldn’t expect that any domain companies would be brazen enough to do something like this (or have any interest in doing something this malicious), but you should always watch what you put into your computer. Hackers may leave a flash drive laying around or may even manipulate one of the free drives given away at conferences. I am sure there are many ways this can be done effectively.

I’ve heard rumors of wifi snooping at conferences in the past, and I wouldn’t put it by someone to try something like this. You never know.

Elliot Silver
Elliot Silver
About The Author: Elliot Silver is an Internet entrepreneur and publisher of Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn


  1. I would love to hear from a techie on this point.

    1. Can someone gain access or install a virus from a mouse or USB drive?

    2. Can anyone hack into your computer if you are using free wifi at a hotel domain conference?

    3. Can anyone hack into your computer from a wifi connection?

  2. Beware of the guy with the turbin giving out flash drive with list of his 35000 domains. It installs bonet software that creates clicks to ads on his names accredited to your ip.

  3. @ Rob. Im not really a techy, but the answers to your questions 1,2,3 are a combination of easily yes, and very easily yes. Its a jungle out there 🙂

  4. Anything sent over wifi can be intercepted by a 3rd party with easy to find software and off the shelf equipment. All but the most strongest encryption is breakable within human timeframes. Also the ‘very strong’ commercial algorithms like RSA were broken years ago, and the WEP/WPA weak algos actually have built in backdoors.
    There is also the ‘fake base station’ exploit whereby the hacker simply sets up ‘Free WiFi’ as their SSID and sniffs every packet passing through THEIR hardware. The 99% unsuspecting user notices nothing, as they are online and think everything appears fine.
    If the hacker actually has physical hardware access to the system, eg with a usb or mouse then taking the PC is far easier still.
    These attack risks can be mitigated by common sense and AV/other security software but cant be eliminated.

  5. I think this is the original article:

    I’m on the mailing list for the security firm who did this (Netragard); they sent this out on Friday the 24th.

    Here’s the relevant portion of the email:
    I just finished writing a blog entry that I thought you’d find particularly interesting (typo’s included).

    The article is about a hacking technique that has been around for about a year, but is not well known outside of hacking circles. This technique turns USB devices into attack plaforms through which hackers can infect and/or compromise entire network infrastructures. This is very different from the oterhwise well known USB hacking methodologies, and there’s no easy way to defeat the attack once a tainted device is plugged in.
    Let me know what you think and of course if you have any penetration testing requirements that we might be able to help you satisfy we’d be more than happy to help.


Please enter your comment!
Please enter your name here

Recent Posts

Entrepreneurship Handbook Offers Domain Advice – Reveals a $385k Domain Name Purchase

Chad Folkening shared an excellent newsletter article from the Entrepreneurship Handbook that will be of interest to domain investors. Not only does Dave Schools...

Referring a (Bad) Prospect to a Broker

There are many times when the valuation of a domain name my company owns is far greater than what a prospective buyer thinks it... Reportedly Acquired for $400,000

The domain name has reportedly been acquired for $400,000 USD. The acquisition was announced on X this morning by Nick Huber: Big news: We spent...

Can You Beat my Time on

Michael Cyger launched a fun solitaire game called Pyramid solitaire on the exceptional domain name. I've played it many times and find it...

My Experience with Afternic / Dan Checkout Link

I recently sold a domain name I owned for several years after an email discussion with the buyer. During our negotiation, at least three...