EvilZone


: Pretty nifty way to infect users on a large scale
: gingk0 November 19, 2014, 10:08:05 PM
This (http://www.reddit.com/r/talesfromtechsupport/comments/2mkmlm/the_boss_has_malware_again/) story is about a person who got infected because he bought a cheap e-cigarette from China, which had a USB charger with malware on it.

When you plug a USB device into your computer, do the drivers install from that device or is it all from Windows Update? If so, could someone rewrite a driver and hide malware in it? I don't know if the person got a UAC dialog when plugging in the charger.
: Re: Pretty nifty way to infect users on a large scale
: 0E 800 November 19, 2014, 11:10:55 PM
I think it's possible.
The question is, however, why didn't the IT professionals have any log data about where the malware was going? Firewall logs? What did the malware do that was so mal?
There was a data breach; how did they discover the data breach was from the exec if there were no logs of malicious activity on his computer?

The IDS wasn't tripped when data was being sent to China?

They also did not provide any pictures or details about the name of the e-cig.

Wouldn't have been too hard to load it up on a VM and verify it was the charger.

"We have a virus, but how? Oh, it's cloudy outside, it must have come from the cloud."

I call bullshit on the story.

It's not social engineering, it's reading comprehension.
: Re: Pretty nifty way to infect users on a large scale
: Xires November 20, 2014, 04:20:40 AM
@OE 800; have a fucking cookie! Great response and decent questions.