Any USB Peripheral is a Potential Security Threat
Be careful what you stick it into.
The USB ports on a computer present a security risk. Not only are storage devices able to plug in and interface with the hardware, but also coffee cup warmers, fans, and even mini-vacuums.
A team of computer engineers from Royal Military College of Canada in Kingston, Ontario exploited a weakness in the USB plug-and-play functionality. What the team did was create a fake USB device that reported itself as something that computer already recognized.
For example, if the computer already paired itself with a USB camera, a hacker could spoof the same identity on another device.
As a proof of concept, the team designed a USB keyboard that contained a circuit that stole data from the hard drive and transmitted it by flashing an LED in a morse code-like fashion, as well as through sounds output by the sound card. While such methods are hugely inefficient and likely ineffective, it was just a proof of concept of the vulnerability.
Even though virus scanning software may check USB storage for malware, secretly planted trojans inside USB peripherals will likely be missed.
"We've shown any USB device could contain a hardware trojan," said Sylvain Leblanc, one of the engineers. "You could mount a hardware trojan attack with a USB coffee-cup warmer."
(source: New Scientist.)
- PowerColor Says Graphics Cards Are Too Heavy
- Quanta Sets New Record for Laptop Shipments
- The Winners of Our June SBM Contest PCs
- Deals for July 8: Samsung Camera for $99.99
- Blizzard Responds to Concerns Over Real ID
- Report: New Intel Desktop Chips Coming Soon
- Lenovo: We Are Lucky Steve Jobs Has Bad Temper
- Android 2.2 Beats Apple iOS 4 in Benchmark Tests
- NASA Releases Unreal Engine MMO Preview Demo
- 3D Displays May Be Hazardous to Young Children
- AMD CPUs Used in "Predators" Special Effects
- MS Addressing Google-Exposed Flaw Next Week
- Gears of War, BioShock Added to GFWL Download
- Blizzard Backs Down on Real Names in Forums
- Dell and Threadless Team Up for Funky Laptops
- Windows 7 64-bit Creeping Up on 32-bit Installs
- Intel May Soon Abandon Celeron Microprocessors
- Nvidia PhysX Software is Ancient, Slow for CPUs
Trojan? Virus? via USB Devices?
Is this suppose to be new?
Halooo....every thing that can contain or transfer datas or giving any information to the computer can be a virus/trojan carrier!
Information example : Even the simple Hardware ID, etc. Virus can come along during the sending of this ID.
Wake up dude!
It will be new if humans influenza can be also infected into the computer...that is new!
Yeah, nothing in here that we don't already know ...
you idiots, they are saying that the hardware ID can be spoofed to make the computer trust the device, from there it can exfiltrate data all it pleases... jesus christ learn to read!