For those of you that use the freebie USB memory sticks and other computer peripherals given away at conferences, you should read an interesting article in The Register yesterday. I write this as I look at a few used memory drives I have laying around, so I am in the same boat.
According to the article, a security company was hired to try and break into a client’s firewall without detection, but they weren’t allowed to use social engineering tactics (like a phone call with tech support or phishing) nor were they allowed to have physical contact with the client’s computer system to gain entry. They had to think up another way to break in without setting off alarms.
To get around these barriers, the company came up with an ingenious idea: a mouse laden with hidden tools that would allow the company to have access without the client knowing. The mouse’s internal system was reconfigured, and a hidden memory drive inside was designed to disable the security detection software in the computer and ensure that no notification was given to the user. They were able to get the user to install the mouse by sending it to an employee disguised as some type of special freebie promo.
Now, I obviously wouldn’t expect that any domain companies would be brazen enough to do something like this (or have any interest in doing something this malicious), but you should always watch what you put into your computer. Hackers may leave a flash drive laying around or may even manipulate one of the free drives given away at conferences. I am sure there are many ways this can be done effectively.
I’ve heard rumors of wifi snooping at conferences in the past, and I wouldn’t put it by someone to try something like this. You never know.
I would love to hear from a techie on this point.
1. Can someone gain access or install a virus from a mouse or USB drive?
2. Can anyone hack into your computer if you are using free wifi at a hotel domain conference?
3. Can anyone hack into your computer from a wifi connection?
but that makes no sense. the only reason someone would give you something for free is because they love you.
@ todaro
LOL…
Beware of the guy with the turbin giving out flash drive with list of his 35000 domains. It installs bonet software that creates clicks to ads on his names accredited to your ip.
Yup–it is true..those chips and sticks made in China.
Rob,
Yes, it’s all true. Anything over wifi that doesn’t have an https in front of it will be sniffed and copied.
– Richard
@ Rob. Im not really a techy, but the answers to your questions 1,2,3 are a combination of easily yes, and very easily yes. Its a jungle out there 🙂
Are these theories, fears or facts?
I’m asking for factual answers.
Anything sent over wifi can be intercepted by a 3rd party with easy to find software and off the shelf equipment. All but the most strongest encryption is breakable within human timeframes. Also the ‘very strong’ commercial algorithms like RSA were broken years ago, and the WEP/WPA weak algos actually have built in backdoors.
There is also the ‘fake base station’ exploit whereby the hacker simply sets up ‘Free WiFi’ as their SSID and sniffs every packet passing through THEIR hardware. The 99% unsuspecting user notices nothing, as they are online and think everything appears fine.
If the hacker actually has physical hardware access to the system, eg with a usb or mouse then taking the PC is far easier still.
These attack risks can be mitigated by common sense and AV/other security software but cant be eliminated.
I think this is the original article:
http://pentest.snosoft.com/2011/06/24/netragards-hacker-interface-device-hid/
I’m on the mailing list for the security firm who did this (Netragard); they sent this out on Friday the 24th.
Here’s the relevant portion of the email:
I just finished writing a blog entry that I thought you’d find particularly interesting (typo’s included).
The article is about a hacking technique that has been around for about a year, but is not well known outside of hacking circles. This technique turns USB devices into attack plaforms through which hackers can infect and/or compromise entire network infrastructures. This is very different from the oterhwise well known USB hacking methodologies, and there’s no easy way to defeat the attack once a tainted device is plugged in.
Let me know what you think and of course if you have any penetration testing requirements that we might be able to help you satisfy we’d be more than happy to help.