|31 Jul 2013||#1|
| || |
USB flash drives masquerading as keyboards
The flash drives get around Microsoft's security mechanisms by tricking the operating system into thinking that the memory stick is not a memory stick but instead a 'Human Interface Device,' such as a keyboard.
Within 50 seconds of first plugging one of these devices into a PC, the malicious scripts or files contained on it will be run and the system is compromised. This load time is cut down substantially on subsequent mountings of the device. Without a physical inspection of the device, it's almost impossible to tell it apart from a benign flash drive.
And the price is cheap, with a modified 128MB USB stick costing $54, and a 8GB version costing only $64.
Apparently, they seem to have a found a way to bypass the protection measure by tricking Windows into thinking that the connected USB memory stick is actually a ‘Human Interface Device’ (keyboard for instance), allowing them to (physically) execute custom scripts within 30/40 seconds of connecting the custom USB memory stick to the targeted PC.
Custom USB sticks bypassing Windows 7/8′s AutoRun protection measure going mainstream | Webroot Threat Blog - Internet Security Threat Updates from Around the World
|My System Specs|
|Similar help and support threads for2: USB flash drives masquerading as keyboards|
|Lifespan of USB flash drives?||Hardware & Devices|
|Flash Drives||Hardware & Devices|
|USB flash drives 2 questions||Hardware & Devices|
|USB flash drives||Hardware & Devices|
|Flash drives & external drives won't install||Drivers|
|Are these 2gb usb flash drives anygood?||Hardware & Devices|
|Two dead flash drives?||Chillout Room|