this is nothing compare to ucsniff
this can only prevent if you use your own usb drive or hard drive and never let any other people to insert anything in your machine
but ucsniff can fuck you up and can tap your webcams listen to your calls and can watch you while having a sex show via any video chat application
Topic: A new era of computer hacking. (Read 5425 times)
its not that new a while ago a gang got caught sticking usb devices into phone chargers the device then uploaded personal info while you phone or tablet charged... i was very impressed by it.
USB is also one of the easiest way to pass virus... So I guess using it to hack seems possible and easy..
Yes, it's true.
This is the reason why I used just my own USB on my computer, never from unknown source.
It's never safe.
https://srlabs.de/badusb/
The guy gave a talk at blackhat and showed off the code, its really quite awesome, i cant wait for the VOD of it to be put up!
The guy gave a talk at blackhat and showed off the code, its really quite awesome, i cant wait for the VOD of it to be put up!
Looking forward to it!
https://srlabs.de/badusb/
The guy gave a talk at blackhat and showed off the code, its really quite awesome, i cant wait for the VOD of it to be put up!
The guy gave a talk at blackhat and showed off the code, its really quite awesome, i cant wait for the VOD of it to be put up!
Shits worse than ebola yo.
Don't be too paranoid, it's not like someone is already using it and/or it's on a massive scale. If you look at how many USB devices are out there and even if 0.001% are infected (doubt it), statistically there is no way that you will encounter one.
its not that new a while ago a gang got caught sticking usb devices into phone chargers the device then uploaded personal info while you phone or tablet charged... i was very impressed by it.
USB is also one of the easiest way to pass virus... So I guess using it to hack seems possible and easy..
its not that new a while ago a gang got caught sticking usb devices into phone chargers the device then uploaded personal info while you phone or tablet charged... i was very impressed by it.
I really don't get how this is a new era... You can easily modify a USB device in a way that it may emulate a HID and proceeds to take over the computer. As long as this is possible while having physical access to the machine, it can be automated in such a way!
isnt that part of social engineering toolkit? i think that is one of the wonder of infectious media generator in SET that you can create
The Infectious USB/CD/DVD module will create an autorun.inf file and a
Metasploit payload. When the DVD/USB/CD is inserted, it will automatically
run if autorun is enabled
The Infectious USB/CD/DVD module will create an autorun.inf file and a
Metasploit payload. When the DVD/USB/CD is inserted, it will automatically
run if autorun is enabled
No, much worse than that. They are modifying USB stick's firmware which makes malware impossibile to detect by any antivirus software.
isnt that part of social engineering toolkit? i think that is one of the wonder of infectious media generator in SET that you can create
The Infectious USB/CD/DVD module will create an autorun.inf file and a
Metasploit payload. When the DVD/USB/CD is inserted, it will automatically
run if autorun is enabled
The Infectious USB/CD/DVD module will create an autorun.inf file and a
Metasploit payload. When the DVD/USB/CD is inserted, it will automatically
run if autorun is enabled
Don't plug in a USB unless you know it is safe.
A new era of computer hacking is born:
http://www.businessinsider.com.au/r-hackers-can-tap-usb-devices-in-new-attacks-researcher-warns-2014-31/
A new era of computer hacking is born:
http://www.businessinsider.com.au/r-hackers-can-tap-usb-devices-in-new-attacks-researcher-warns-2014-31/
Quote
BOSTON (Reuters) – USB devices such as mice, keyboards and thumb-drives can be used to hack into personal computers in a potential new class of attacks that evade all known security protections, a top computer researcher revealed on Thursday.
Karsten Nohl, chief scientist with Berlin’s SR Labs, noted that hackers could load malicious software onto tiny, low-cost computer chips that control functions of USB devices but which have no built-in shields against tampering with their code.
“You cannot tell where the virus came from. It is almost like a magic trick,” said Nohl, whose research firm is known for uncovering major flaws in mobile phone technology.
The finding shows that bugs in software used to run tiny electronics components that are invisible to the average computer user can be extremely dangerous when hackers figure out how to exploit them. Security researchers have increasingly turned their attention to uncovering such flaws.
Nohl said his firm has performed attacks by writing malicious code onto USB control chips used in thumb drives and smartphones. Once the USB device is attached to a computer, the malicious software can log keystrokes, spy on communications and destroy data, he said.
Computers do not detect the infections when tainted devices are inserted into a PC because anti-virus programs are only designed to scan for software written onto memory and do not scan the “firmware” that controls the functioning of those devices, he said.
Karsten Nohl, chief scientist with Berlin’s SR Labs, noted that hackers could load malicious software onto tiny, low-cost computer chips that control functions of USB devices but which have no built-in shields against tampering with their code.
“You cannot tell where the virus came from. It is almost like a magic trick,” said Nohl, whose research firm is known for uncovering major flaws in mobile phone technology.
The finding shows that bugs in software used to run tiny electronics components that are invisible to the average computer user can be extremely dangerous when hackers figure out how to exploit them. Security researchers have increasingly turned their attention to uncovering such flaws.
Nohl said his firm has performed attacks by writing malicious code onto USB control chips used in thumb drives and smartphones. Once the USB device is attached to a computer, the malicious software can log keystrokes, spy on communications and destroy data, he said.
Computers do not detect the infections when tainted devices are inserted into a PC because anti-virus programs are only designed to scan for software written onto memory and do not scan the “firmware” that controls the functioning of those devices, he said.
Jump to: