Author Topic: Pretty nifty way to infect users on a large scale  (Read 508 times)

Offline gingk0

« on: November 19, 2014, 10:08:05 pm »
This story is about a person who got infected because he bought a cheap e-cigarette from China, which had a USB charger with malware on it.

When you plug a USB device into your computer, do the drivers install from that device or is it all from Windows Update? If so, could someone rewrite a driver and hide malware in it? I don't know if the person got a UAC dialog when plugging in the charger.

Offline 0E 800

« Reply #1 on: November 19, 2014, 11:10:55 pm »
I think it's possible.
The question is, however, why didn't the IT professionals have any log data about where the malware was going? Firewall logs? What did the malware do that was so mal?
There was a data breach; how did they discover the data breach was from the exec if there were no logs of malicious activity on his computer?

The IDS wasn't tripped when data was being sent to China?

They also did not provide any pictures or details about the name of the e-cig.

Wouldn't have been too hard to load it up on a VM and verify it was the charger.

"We have a virus, but how? Oh, it's cloudy outside, it must have come from the cloud."

I call bullshit on the story.

It's not social engineering, it's reading comprehension.
The invariable mark of wisdom is to see the miraculous in the common.

Offline Xires

« Reply #2 on: November 20, 2014, 04:20:40 am »
@0E 800; have a fucking cookie! Great response and decent questions.
-Xires