What seems to be an inconspicuous ordinary USB direct connection can even become a weapon of attack for hackers? Angelos Stavrou, an assistant professor of computer science at George Mason University in the United States, and his student Zhaohui Wang discovered a way to launch attacks on laptops and smartphones via USB connections. They will hold black hats today. The technology conference demonstrated the feasibility of this attack.
After changing the function of the USB driver through self-written software, they can initiate a covert attack after the smart phone connects to the computer. In simple terms, the main task of this task is to modify the USB driver through the software to increase the keyboard and mouse functions. When the connection is established, the attacker can enter a keyboard command or perform a mouse click, steal files or upload Trojans to see the preferences of the attacker. In a word, he has been able to fully manipulate this computer. The reason why this happens is because the current USB protocol allows any device to connect to a computer without verification.
The attacker can automatically recognize the connected operating system. On the Apple and Windows platforms, the system will pop up a message box indicating that a new human interface device has been detected and there is no easy way to terminate the process. On the Mac platform, an attacker can quickly remove this prompt box by using a command sent via a smartphone, even before the owner of the notebook has seen the information on the prompt box, and the prompt dialog box on the Windows platform will be in the lower right corner of the task tray. Continue for 1-2 seconds.
On the Linux machine, no warning message will appear, so the user is completely unaware of what is happening unusually.
Stavrou wrote an attack demo program for the Android client only, but he stated that the same functionality could be implemented on the iPhone but they didn't write: "The attack program can run on any platform, even directly connected via USB connection. Between two smart phones."
Stavrou said that the attack software can be made into a virus-type program to spread. If the user's mobile phone is infected with a virus, then as long as he finds the phone to any connected computer, this machine will be infected, and then this computer will virus Then spread to any smartphone connected to this computer, and all the crime tools are just a normal USB connection.
Anti-virus software may not be able to deal with this kind of attack program at present, because the attacker only controls the host through the normal driver. The subsequent operations are performed through the keyboard of the accused machine, and the anti-virus software is good for this kind of behavior. Judgment will be a problem. However, fortunately, this type of attack can only be performed via USB connection. As long as the anti-virus software is installed, the system patch should be safe for our average user.
After changing the function of the USB driver through self-written software, they can initiate a covert attack after the smart phone connects to the computer. In simple terms, the main task of this task is to modify the USB driver through the software to increase the keyboard and mouse functions. When the connection is established, the attacker can enter a keyboard command or perform a mouse click, steal files or upload Trojans to see the preferences of the attacker. In a word, he has been able to fully manipulate this computer. The reason why this happens is because the current USB protocol allows any device to connect to a computer without verification.
The attacker can automatically recognize the connected operating system. On the Apple and Windows platforms, the system will pop up a message box indicating that a new human interface device has been detected and there is no easy way to terminate the process. On the Mac platform, an attacker can quickly remove this prompt box by using a command sent via a smartphone, even before the owner of the notebook has seen the information on the prompt box, and the prompt dialog box on the Windows platform will be in the lower right corner of the task tray. Continue for 1-2 seconds.
On the Linux machine, no warning message will appear, so the user is completely unaware of what is happening unusually.
Stavrou wrote an attack demo program for the Android client only, but he stated that the same functionality could be implemented on the iPhone but they didn't write: "The attack program can run on any platform, even directly connected via USB connection. Between two smart phones."
Stavrou said that the attack software can be made into a virus-type program to spread. If the user's mobile phone is infected with a virus, then as long as he finds the phone to any connected computer, this machine will be infected, and then this computer will virus Then spread to any smartphone connected to this computer, and all the crime tools are just a normal USB connection.
Anti-virus software may not be able to deal with this kind of attack program at present, because the attacker only controls the host through the normal driver. The subsequent operations are performed through the keyboard of the accused machine, and the anti-virus software is good for this kind of behavior. Judgment will be a problem. However, fortunately, this type of attack can only be performed via USB connection. As long as the anti-virus software is installed, the system patch should be safe for our average user.
Nylon Products,Cable Clips,Nylon Fabric,Polyester Fabric
Insulated Terminal Ends Co., Lt d , http://www.nbterminal.com