
How To Hack A Company With A Trojan Mouse


The information security world has long warned of Trojans, benign-looking but evil-intentioned programs that penetrate firewalls like a Trojan Horse rolling through the gates of a Turkish city-state. Adriel Desautels’ team of penetration testers has developed a trick that takes that mythological metaphor more literally: the Trojan Mouse.
In a detailed blog post on the website of his firm, Netragard, Desautels describes a recent assignment: to find security vulnerabilities on a network with few connections to the Internet, and with specific instructions not to use social networks, email, or fraudulent phone calls. That kind of hard target required some innovation. So his team of whitehat hackers came up with a clever new technique: a tiny USB hub infected with malware, implanted in a normal-looking mouse.

The raw materials of Netragard's hack.
Netragard carefully gutted a Logitech mouse and after a few hours of soldering work, implanted the hub such that it could run software on the user’s computer while still allowing the mouse to function normally. The hackers also used a vulnerability in the user’s antivirus software to code a new piece of software that would run automatically on the user’s machine without prompting him or her for a connection. Then they packaged it up in the marketing materials of one of Netragard’s friendly-looking partners, and mailed it to one of their target’s employees.
Three days later, it connected back to the hackers’ machine from inside their victims’ network. Their mark had fallen for the ruse and plugged it in.
Desautels points out that the trick could work with any variety of USB device, from a mouse to a USB missile turret toy–anything large enough to contain the infected USB hub. “When they do plug it in, they will be infected by our custom malware and we will use that point of infection to compromise the rest of the network,” he writes.
The trick of mailing infected USB sticks to a target company or leaving them strewn in a parking lot for employees to pick up is hardly new. But as employees have become more aware of USB dangers and administrators more often disable the auto-run function on PCs, Desautels said Netragard was looking for new ground. “[The USB] trick worked great back in the day but not so much any more,” he writes. “We wanted something reliable.”
Read Desautels’ full description of the hack at his blog.








http://blogs.forbes.com/andygreenberg/2011/06/27/how-to-hack-a-company-with-a-trojan-mouse/
