Posted: 9/3/2014 8:48:33 PM EDT
|
One of my instructors mentioned a USB virus in class today... transmitted via the firmware of the USB drive, it can take your computer over.
Anyone heard about this? I googled it and got a lot of hooey. Edit.. this is true, see Chokey's post below. |
|
I believe there were several thousand, hundred thousand, USB drives that were manufactured in China where the master for the USB chip memory had a virus on it....thus every USB device made had the virus too.
It was an isolated incident according to Chinese government. But internet routers have been made with virus or malware built into them and China made a bunch of toasters with IP sniffing hardware/software to map, access, and keylog unsecured wireless networks in Russia and Europe. Don't believe anyone in the toaster factory thought a WiFi card would make a heating element work better. China shipped a bunch of am/fm radios that were actually trancevers that broadcast audio from the location the radios were used..even broadcast on lesser USD frequency. I believe I have seen a report for automated commercial bathroom air fresheners being a security concern. Air freshener had a recording that played a voice recording to indicate the canister or batteries needed changed.....and the device could record conversations and be downloaded later. |
|
Quoted:
Just like you shouldn't put your dick is strange places, don't put strange USB devices you find lying around into your PC. What sucks is, if a student is at school and transporting schoolwork files to and from ... they'd need to plug in to the school computers. I may look in to a cloud storage solution to avoid this! |
|
Quoted:
What sucks is, if a student is at school and transporting schoolwork files to and from ... they'd need to plug in to the school computers. I may look in to a cloud storage solution to avoid this! Quoted:
Quoted:
Just like you shouldn't put your dick is strange places, don't put strange USB devices you find lying around into your PC. What sucks is, if a student is at school and transporting schoolwork files to and from ... they'd need to plug in to the school computers. I may look in to a cloud storage solution to avoid this! Yep, it's all about minimising risk. USBs have issues (for example, USBs were used for the Stuxnet virus) but so does cloud storage (ask JLaw). You could use email to transfer files, but again, there's the same issue as with cloud storage. The best thing you can really do is have good, up to date security software. Think of it like home security - if someone really wants to get in, they will. You're just trying to make your house look tougher than another. |
|
Quoted:
Yep, it's all about minimising risk. USBs have issues (for example, USBs were used for the Stuxnet virus) but so does cloud storage (ask JLaw). You could use email to transfer files, but again, there's the same issue as with cloud storage. The best thing you can really do is have good, up to date security software. Think of it like home security - if someone really wants to get in, they will. You're just trying to make your house look tougher than another. Quoted:
Quoted:
Quoted:
Just like you shouldn't put your dick is strange places, don't put strange USB devices you find lying around into your PC. What sucks is, if a student is at school and transporting schoolwork files to and from ... they'd need to plug in to the school computers. I may look in to a cloud storage solution to avoid this! Yep, it's all about minimising risk. USBs have issues (for example, USBs were used for the Stuxnet virus) but so does cloud storage (ask JLaw). You could use email to transfer files, but again, there's the same issue as with cloud storage. The best thing you can really do is have good, up to date security software. Think of it like home security - if someone really wants to get in, they will. You're just trying to make your house look tougher than another. Yeah. I need to remind myself, despite all the security, people still rob banks. |
|
Quoted:
Just like you shouldn't put your dick is strange places, don't put strange USB devices you find lying around into your PC. Corporate HQ IT sent my office like 20 thumbdrives. Our local IT guy then just conveniently dropped them where my coworkers could find them. They were set up with a "phone home" type program. 18 of them were plugged into USB ports without even checking with the local IT guy first. |
|
Quoted:
Corporate HQ IT sent my office like 20 thumbdrives. Our local IT guy then just conveniently dropped them where my coworkers could find them. They were set up with a "phone home" type program. 18 of them were plugged into USB ports without even checking with the local IT guy first. Quoted:
Quoted:
Just like you shouldn't put your dick is strange places, don't put strange USB devices you find lying around into your PC. Corporate HQ IT sent my office like 20 thumbdrives. Our local IT guy then just conveniently dropped them where my coworkers could find them. They were set up with a "phone home" type program. 18 of them were plugged into USB ports without even checking with the local IT guy first. So you failed the test? 
|
|
Quoted:
This has been a threat for years. This.. 10 years ago I worked for a company setting up hardware/networks/servers for Banks. The IT Department of one of our clients conducted a test at their branches by dropping infected USB drives out side the door of the bank to prove to the board they needed to make changes to their security policy's and configuration... Worked like a charm. People would pick them up and immediately plug it in to see what was on it. |
| I worked at a PC builder for a while. We got mice in these 10x10x10 cubes. There would be one original driver disk and 999 copies of it. Apparently the mass duplicator was infected and every PC we sent out (well, 99.9% of them) were infected. Yes, mouse drivers on a disk. It was back in the day. |