Pages:
Author

Topic: DO NOT plug random cables and sticks into your device. - page 2. (Read 427 times)

legendary
Activity: 2730
Merit: 7065
I remember writing about the USBHarpoon back in 2019. It's a malicious cable that downloads malware onto your device if connected. This thread of yours reminded me of it.

I have a question. is it risky to connect external hard desk via Usb too? and I have a 2 earbuds that i charge from my laptop by connecting them via USB. are they risky too?
Any piece of unknown external hardware can potentially be a risk, so it's hard to answer with yes or no to such a question. The more popular the brand is, the less likely there is a problem with it. If you bought it from a trusted shop, I wouldn't worry that much, unless it's a completely unknown, cheap, and weird-looking gadget. If you got it from someone in a dark back alley, then I don't know what to tell you. Wink
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
I have a question. is it risky to connect external hard desk via Usb too? and I have a 2 earbuds that i charge from my laptop by connecting them via USB. are they risky too?

External hard disks use USB cables which can be modded to serve up a keylogger, as I pointed out in the OP.

But the probably that you will be targeted with one of these is very low. Just don't plug random stuff into your computer as the title says.
sr. member
Activity: 588
Merit: 338
Good compilation and enlightening advice on how to protect our funds. I also think that the best option is to avoid any form of external connection to the device that has your wallet. Having a separate device that is solely reserved for your Bitcoin transaction might be expensive but it might be a good security precaution especially if you own huge funds. But I have learned so much from this thread and will always be conscious about devices around my workspace.        

A separate device for your crypto wallets and exchanges can be the answer to this problem, so a Bitcoin, holder will not fall prey to these hacks, because sometimes it can be necessary to plug your device to external connections. With a separate device for your Bitcoin, you'll have to be extra careful and never connected to unfamiliar connectors, thanks OP for sharing this vital information.

legendary
Activity: 2492
Merit: 1232
LAN Turtle, which is called USB to LAN adopter here.
I didn't know it could be used in hacking, I often use this on my laptop connecting directly to my wifi modem.

Upon buying those products as mentioned above, they should be on the official store or merchant that can be trusted.
And if you have crypto, it should be stored on a device that you don't often use, not on the laptop for work.
hero member
Activity: 3024
Merit: 745
Top Crypto Casino
It's just best to plug those cables that you know and you've bought from a legit store and brand you trust. And as for going outside, just don't connect with any public wifi because you'll never know on which of them is the one that's just waiting for someone to connect through it and then on the other side, is the connection that has been setup by the hacker. I know about flipper zero and I see folks that have been flaunting it to the public, I don't know if they have good or ill intentions or they just want to test but as usual, it's always best to just take care of ourselves wherever we go.
hero member
Activity: 812
Merit: 560
If searching for a reliable product is worth it including knowing how to avoid Punycode sites, then we need to be very careful of the kind of devices we plug in to our system, there are times that its not only the malfunctioning that we see as this products side effect, they also carries an inbuilt malware in them, which can be easy transmitted to any device they are connected to, and this calls for us to ensure buying reliable products and also getting them from the certified vendors or market place, there are many fake and substandard items in the markets in which we cannot trust their ends, thanks for bringing this to the awareness of members to avoid such before happening.
sr. member
Activity: 658
Merit: 387
How can someone even be sure of the kind of USB cables they buy from the market nowadays? I think I used one of the mentioned cords for transferring data when I got a new device, and one of the cables that came with it that I used to transfer data from my old phone to the new one just looks like the one mentioned in OMG cables. So far as good, there has not been any form of fund loss or any of such; maybe it is probably not it as the device was connected to my old crypto wallet, which I no longer use.
sr. member
Activity: 518
Merit: 418
Fine by Time
When they say avoid plugin unnecessary devices to your device it is actually for our own good. Especially the USB device it is an easy way for people who wants to harm or steal a file that is important to us from our devices without us being aware of what is coming. Seen it on movies and most persons think it's just an act but it is not. In reality there are professional hackers who work for all these scam companies, and they do the dirty work for them. However, the temptation is much so some people cannot withhold the urge to see what is in the USB that is why up till this day people are still falling victims in this kind of attacks because of ignorance.
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
Ahh flipper zero Smiley, who can forget this!! This is literally the best hacking device, that is out there, like the infinity gauntlet from Avenger. Power to control all. I have also seen those cables before (never knew it's called O.MG cable). It's really something. There is no way know which is actually the normal cable. It's completely identical from the original. And when connected, it'll run commands/scripts in an instance without the user realizing or noticing.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
@NotATether, when I saw this first device on the list, I remembered that I saw that one of the forum members offered it for sale a few months ago, and I was curious and checked what exactly it was about. It seems that this Flipper is a very interesting and powerful device with which you can do all kinds of "naughty" things.

It seems that in addition to the usual threats from the internet, we will also have to pay attention to all these "solid" threats, especially if we use our devices outside the home environment.
sr. member
Activity: 686
Merit: 403
There is nothing that anyone can tell me, it's a big risk running a PC with crypto wallet or assets on the PC, there are many ways that your PC can get infected, I spent most of my youth days doing experiments on PC, windows OS is not strong when it comes to security wise.

This was why I went with a airgapped hardware wallet that I can update the software without having to plug into a PC for upgrade, and the one I choose has no wifi or internet connection needed, PC isn't that safe like you think, even if you are so careful you can still make a mistake one day when operating the system.

Now I can do anything I want on my PC, there is no crypto related things stored on my PC so I can install what I want without having to deal with the fear that something bad could go wrong.
hero member
Activity: 2842
Merit: 772
Yeah, recently I created a similar trick being done by cyber criminals, [Warning] USB Malware that targets crypto wallets.

And the modus here is that this criminals will target the employees of their subject of attack and usually big entities and enterprises. Once the malware was click and infiltrate their systems, then it's game over.
hero member
Activity: 2156
Merit: 803
Top Crypto Casino
Why should anyone carry their laptop with them when they are travelling? This make me question as if some one is sane enough they would not carry their laptop that has crypto wallets. Everything that is being discussed in this thread are most probably kits that anyone would encounter in public. The reason being that the list have most of those cables or sticks that are common when you use them when in public.

Why not carry hardware which is owned by you and that does not require using public tools. The article is all about safeguarding anyone who is using electronic tools and not personal. This is the reality in countries that are developed and not in countries where such infrastructure is limited or non existent. It is very evident as these things are not available in my country.
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿
Several years ago, after reading a lot of evidence here about the dangers of using wireless keyboards and mice, I also refused them. However, the initial impression is of great convenience. Keyboard interception, espionage, and virus infection are common dangers of these devices. Therefore, any use of USB devices should always be double-checked and, if possible, locked with physical locks and disabled at the hardware level.
copper member
Activity: 1470
Merit: 1609
Bitcoin Bottom was at $15.4k
Flipper Zero, I have seen this before. People unlocking hotel rooms and what not with it. There is a huge database of pre scanned devices and that can be downloaded and used by Flipper Zero.
It's dangerous. Imagine you a RFID door which is scanned by one of your friend as a prank and then he uploads it to their database, then your door can be opened by anyone in the world with Flipper Zero.
hero member
Activity: 1232
Merit: 683
Tontogether | Save Smart & Win Big
Good information bro.
I have a question. is it risky to connect external hard desk via Usb too? and I have a 2 earbuds that i charge from my laptop by connecting them via USB. are they risky too?

Besides that I also heard that devices can be hacked via bluethooth too. we should be careful about that too.
full member
Activity: 203
Merit: 106
I had a friend who almost got hacked or should I say was hacked by this singular behavior.
In one move. You could have your while device compromised and have yourself to blame for it. This particular friend of mine had a low battery on his device and decided to connect to someone’s laptop for few seconds of power. At the third party’s request, he clicked on the allow storage and transfer of data option and that’s how the third party downloaded all his contact and started reaching out to everyone including myself, asking for emergency aids to assist my friend who was in a critical state from an accident. It’s just unthinkable how these things happens but, from simple and common mistakes such as these, you could loss everything.

This extends to having to connect with any free hotspots out there too. Maybe a friend, in a public bar or coffee shop and more of those places. Your security should be everything in this highly evolved technological age.
hero member
Activity: 574
Merit: 554
Leading Crypto Sports Betting & Casino Platform
Good compilation and enlightening advice on how to protect our funds. I also think that the best option is to avoid any form of external connection to the device that has your wallet. Having a separate device that is solely reserved for your Bitcoin transaction might be expensive but it might be a good security precaution especially if you own huge funds. But I have learned so much from this thread and will always be conscious about devices around my workspace.        
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
For maximum security, one of the best option is to go for a wallet on an airgapped device which its OS has been reinstalled and also making sure that it is not connected online by removing its WiFi card. Also remove the Bluetooth. If a wallet is setup on the device with the seed phrase having a strong passphrase is a good option. Backup the seed phrase and disable the USB ports and card reader or something from the Bios.

Another option is a 2-of-2 multisig in a way at least one device is a cold wallet like hardware wallet. Or going for a 2-of-3 multisig in a way that at least one device is airgapped. Better security but transaction fee will be high. Better for storage. For a wallet that is not used frequently.

For small amount on a desktop or a mobile wallet. Do not use the device to browse anyhow you want. People are now having at least two phones, and a laptop if possible. I prefer to use just one of my phone for browsing, while the other phone for just something related to wallet and exchanges. Disable download from unknown source. From settings, disable apps not to download files. Do not use it to download anything and also not using it for browsing. Just use it for only wallet and exchanges and let your other phone do the other work and get be careful of malware on the two devices. Do not share files with the devices.

Leave small money on online wallets while the remaining on cold wallets.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
From: https://www.zdnet.com/article/7-hacking-tools-that-look-harmless-but-can-do-real-damage/

If you use your computer to store any amount of crypto, or even if you use a hardware wallet, you should avoid plugging random stuff into your computer that you don't know about, because it is very easy to disguise a cable or a USB flash drive as a malware that logs your keystrokes and copies wallet files.

The following is a list of gadgets you should be particularly concerned of. If you see them anywhere in sight, get your computer away. Especially do not leave your PC unattended in some strange, unfamiliar place.

Flipper Zero:



It has a USB port for connecting to devices and sending keystrokes to execute any command like running a keylogger. It also has a WiFi controller for remote-control and file upload/download. This can be used to upload a malicious copy of a wallet software or download wallet files. It is more capable of doing Denial-of-Service damage than theft, however.

O.MG cables:



It has a USB port for connecting to devices and sending keystrokes to execute any command like running a keylogger. It also has a WiFi controller for remote-control and file upload/download. Very similar to the Flipper Zero except it is more disguised and can be camouflaged with your other cables.


USB Nugget:



Like the Flipper Zero and is also easy to detect in a room.

USB Rubber Ducky:



More dangerous kind of hacking tool that looks exactly like a regular USB flash drive (someone can just draw with black sharpie or permanent marker over the logo). Can send keystrokes to execute any command like running a keylogger. No WiFi controller.

WiFi Pineapple



A router capable of performing man-in-the-middle attacks such as changing DNS queries and spoofing TCP/IP packets, and also reading all data that goes through the network except for TLS-encrypted data.

LAN Turtle



A router capable of performing man-in-the-middle attacks such as changing DNS queries and spoofing TCP/IP packets, and also reading all data that goes through the network except for TLS-encrypted data.


Of these devices, only the first four are especially dangerous. As any "virtual keyboard" is capable of opening a terminal to install a keylogger which can record everything you type including seed phrases and wallet passwords, which can be ex-filtrated before the keylogger is even installed.

Ideally, you would make sure that access to your computer area is controlled and that only devices you recognize are present around it.
Pages:
Jump to: