Installing Trojan via USB plug-and-play
Canadian computer engineers have discovered a new way to install hardware Trojans in the system - via USB peripherals.
It turns out that the USB plug-and-play vulnerability allows any USB device to impersonate any other. Thus, you can equip a trojan keyboard, a coffee maker or even an electronic cigarette, in principle, any USB device, and it will get full access to the system.
Such a device was designed by engineers from the Royal Military College of Canada, writes News Scientist. They made a USB keyboard with a microcircuit that copies files from the HDD and can transfer information to Morse code using the LED's built-in keyboard. This method of transmitting information was chosen only for an example; as an alternative, it was possible to use cryptography and send files by e-mail - there is no difference.
')
The results of their work, researchers have published in the journal Future Generation Computer Systems ( paid access ).
It turns out that the USB plug-and-play vulnerability allows any USB device to impersonate any other. Thus, you can equip a trojan keyboard, a coffee maker or even an electronic cigarette, in principle, any USB device, and it will get full access to the system.
Such a device was designed by engineers from the Royal Military College of Canada, writes News Scientist. They made a USB keyboard with a microcircuit that copies files from the HDD and can transfer information to Morse code using the LED's built-in keyboard. This method of transmitting information was chosen only for an example; as an alternative, it was possible to use cryptography and send files by e-mail - there is no difference.
')
The results of their work, researchers have published in the journal Future Generation Computer Systems ( paid access ).
Source: https://habr.com/ru/post/98094/
All Articles