It is not the new story that the USB drives has been used to steal credentials. There has been USB drives that explodes when connected and there are drives that will steal the credentials when plugged in. Recently yet another evil USB has been developed by a researcher.
A security researcher developed a USB drive that will identify themselve as a network gateway and also as DNS server using the ethernet port. USB drive in USB port will have some restrictions before loading but the ethernet port will be whitelisted in the machine for sure.
The device dubbed as evil USB upon inserting in the ethernet port will identify itself even the computer is locked out and then the drive will try to sniff the hashed credentials and stores them in the SQLite Database.
After that the database entries can be cracked to find the password stored. The researcher tested this in many versions of Windows machine and also Mac running EI Captian and also Mavericks.
The only limitation for this attack is that the attacker need to have physical access to the computer for almost 13 seconds.
P.S: The post is to create awareness and not to create any negative impact.
No comments:
Post a Comment