Who lost the flash drive?
Telegram channel: https://t.me/protectioninformation
Telegram Group: https://t.me/informationprotection1
Website: https://legascom.ru
Email: online@legascom.ru
Many readers have surely found a flash drive at some point. It may be your own USB flash drive, bought long ago and rediscovered under a pile of documents, or someone else's drive that you found, for example, on the way to the office. If you find someone else's USB drive, you will certainly want to know what is on it, which means you will try to connect it to your computer. Of course, many people will stop to think before connecting an unfamiliar medium: is there a virus on it? But, relying on their antivirus and other security software, they will connect the flash drive to the computer anyway. However, even if the USB drive holds no malicious files, it is too early to relax. There are devices that look like flash drives but present themselves to the system as legitimate peripherals (HID, Human Interface Device), such as a keyboard or mouse, and can perform almost any action with the rights of the current user. But first things first.
In recent years, the DIY (Do It Yourself) concept has been gaining momentum in the IT world. Manufacturers from Southeast Asia supply the whole world with inexpensive electronic components, primarily microchips. On the Internet you can easily find not only specifications for specific devices but also examples of working projects of any level of complexity, from flashing LEDs to walking robots. And solderless breadboards let you assemble a project in just a few minutes. As a result, inexpensive (about $30) prototyping boards began to appear on the market: a microcontroller with the necessary parts and contacts, plus a USB interface through which it receives power and communicates with a computer.
Another important point deserves attention here: previously, flashing microcontroller firmware required expensive professional programmer devices costing from $1,000. Most of these boards, however, can be flashed directly through a USB port, without any additional devices.
The most famous of these boards is the Arduino. Many ready-made example configurations for various devices have been developed for it. A free development environment is available in which you program the microcontroller in a C-like language to perform specific tasks.
One of the Arduino clones, the Teensy board, is usually used to create "forged flash drives." In form factor it is a small board, no bigger than a USB flash drive, with a Mini-USB connector. Mounted inside some legitimate-looking device, such as that same USB flash drive or, as in my case, a USB hub, it is detected by the system as a keyboard when connected and starts simulating the user pressing keys, that is, executing commands, scripts, and so on.
Let's take an example. Say an attacker wants to steal some files from the victim's machine. Using social engineering, a "charged" USB device based on a Teensy board is somehow slipped to the victim. For example, the attacker leaves several flash drives at the security desk of the targeted company, supposedly dropped by an employee entering the building. Naturally, the guards and then the staff cannot overcome their curiosity, and by evening the attacker already has access to several machines. So such a hacking tool should not be dismissed. After that, the GSM module built into the same device comes into play.
When the victim plugs in the flash drive and the necessary software is registered in the system, the attacker covertly sends commands and receives the results. For a specialist, building a GSM module and integrating it with a USB board is not a very difficult task; there is plenty of material on the network. So this example should not be considered far-fetched.
In general, building "hacker" devices is a topic for a separate conversation. Here I have only mentioned that such devices exist. So do not forget that, combined with social engineering, "hacked flash drives" can be very dangerous.
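From the defender's side, the behaviour described above (a device that enumerates as a keyboard and starts pressing keys as soon as it is connected) leaves measurable traces. The following is an added example, not code from the original article: the device records, the vendor/product IDs, the allowlist and both thresholds are constructed assumptions, while the class and protocol codes are the standard USB values.

```python
from statistics import median

HID_CLASS = 0x03           # USB interface class: Human Interface Device
KEYBOARD_PROTOCOL = 0x01   # HID interface protocol: keyboard
MIN_HUMAN_GAP_MS = 30      # assumption: a median gap between keys below this is not a person
MIN_START_DELAY_MS = 1000  # assumption: nobody types within a second of plugging in
ALLOWED_KEYBOARDS = {("1111", "0001")}  # constructed (vendor, product) IDs of issued keyboards

# Constructed sample: connect time, IDs, (class, protocol) per interface, key-press times in ms.
SAMPLE_DEVICES = [
    {"name": "desk keyboard", "vid": "1111", "pid": "0001", "connected_ms": 0,
     "interfaces": [(0x03, 0x01)],
     "key_times_ms": [5200, 5390, 5510, 5740, 5905, 6120, 6300]},
    {"name": "found flash drive", "vid": "2222", "pid": "0002", "connected_ms": 60000,
     "interfaces": [(0x03, 0x01)],
     "key_times_ms": [60400, 60405, 60410, 60415, 60420, 60425, 60430]},
    {"name": "ordinary flash drive", "vid": "3333", "pid": "0003", "connected_ms": 90000,
     "interfaces": [(0x08, 0x50)],  # mass storage, bulk-only transport
     "key_times_ms": []},
]

def is_keyboard(dev):
    """True if any interface of the device declares itself a HID keyboard."""
    return any(cls == HID_CLASS and proto == KEYBOARD_PROTOCOL
               for cls, proto in dev["interfaces"])

def assess(dev):
    """Return the reasons a device looks like an injecting keyboard (empty list: none)."""
    if not is_keyboard(dev):
        return []
    reasons = []
    if (dev["vid"], dev["pid"]) not in ALLOWED_KEYBOARDS:
        reasons.append("keyboard not on allowlist")
    times = dev["key_times_ms"]
    if times and times[0] - dev["connected_ms"] < MIN_START_DELAY_MS:
        reasons.append("typing started right after connect")
    gaps = [later - earlier for earlier, later in zip(times, times[1:])]
    if len(gaps) >= 5 and median(gaps) < MIN_HUMAN_GAP_MS:
        reasons.append("keystrokes faster than human typing")
    return reasons

def report(devices=SAMPLE_DEVICES):
    """Map each device name to its list of findings."""
    return {dev["name"]: assess(dev) for dev in devices}

if __name__ == "__main__":
    for name, reasons in report().items():
        print(f"{name}: {', '.join(reasons) or 'ok'}")
```

A programmable board can report whatever vendor and product ID its firmware sets, so the two timing checks carry more weight than the allowlist.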




