Slashdot Mirror

← Back to Stories (view on slashdot.org)

Social Engineering Using USB Drives

Posted by ryuzaki0 on from the driving-right-in dept.

Iphtashu Fitz writes "What's the easiest way to hack into the computer systems of a credit union? It turns out that all you need to do is copy a virus/trojan onto USB drives and scatter them around the front door of the credit union. This was how a recent security audit was performed at a credit union where the employees had actually been tipped off to the audit. Security experts collected 20 old USB thumb drives and filled them with images and other data along with a trojan that would collect sensitive information and e-mail it back to them. Early one morning they planted the thumb drives around the entrances to the credit union as well as other public places where the employees were known to congregate. In very little time 15 of the 20 USB drives were plugged into company computer systems and started e-mailing usernames, passwords, etc. back to the auditors."

22 of 447 comments (clear)

  1. Neat Trick by Luke+Psywalker · · Score: 2, Funny

    Will have to try it...

  2. Oh crap!!! by rvw14 · · Score: 5, Funny

    I better unplug that USB drive I found this morning.

    1. Re:Oh crap!!! by soft_guy · · Score: 2, Funny

      Come on, we all know no one on Slashdot has a wife.

      --
      Avoid Missing Ball for High Score
    2. Re:Oh crap!!! by CortoMaltese · · Score: 5, Funny
      I better unplug that USB drive I found this morning.
      Yeah, the trojan has been posting score:5, funny comments as you all over the place.
  3. Re:wow by HardCase · · Score: 3, Funny

    Oh crap...I'll be right back!

  4. Autoplay trojan? by Ant+P. · · Score: 5, Funny

    I would've put autoplay Goatse on them, personally.

  5. Re:Great How-To by morcheeba · · Score: 3, Funny

    I hear you find them in certain parking lots...

    --
    HIV Crosses Species Barrier... into Muppets
  6. Here's the fix by Urza9814 · · Score: 0, Funny

    Put a giant magnetic/EMP field through all the entrances to the buildings. Anything capable of storing data will be wiped and/or fried before it makes it in.

  7. I know what those USB drives are! by Anonymous Coward · · Score: 4, Funny
    I heard that Microsoft was giving out free USB drives containing press releases on the need to buy legitmate Windows licences.

    *wink wink nudge nudge*

  8. "Yeah man, we had the day off today..." by spentrent · · Score: 5, Funny

    "Why?"

    "IT says we got dongled, whatevthefuckthatmeans."

  9. My momma always told me... by spentrent · · Score: 4, Funny

    ...you don't know where that dongle's been.

  10. Re:Pfft.... by Vraylle · · Score: 5, Funny
    "Just edit /etc/fstab to not allow normal users to do any mounting..."


    People that are geeky enough to be able to /etc/fstab a Linux system probably aren't doing much mounting either.

    --
    Mutant Freaks of Nature: "Frighteningly Addictive"
  11. Fixed in Vista by VI$7443V3R · · Score: 4, Funny

    Seriously. It really is.

  12. You could've saved a few words there by Mateo_LeFou · · Score: 4, Funny

    As soon as you used the term "provisionings" we all knew you worked for a Fortune 500 co. Do you "connectorize" stuff, too?

    --
    My turnips listen for the soft cry of your love
    1. Re:You could've saved a few words there by Kynde · · Score: 2, Funny

      "I work at a Fortune 500 company, that actually hands out USB keys with laptop provisionings."

      As soon as you used the term "provisionings" we all knew you worked for a Fortune 500 co. Do you "connectorize" stuff, too?

      I'm a little baffled as to how you managed to miss the first hint...

      --
      1 Earth is warming, 2 It's us, 3 it's royally bad, 4 we need to take action NOW
  13. Okay, if all of you can keep quiet until April by whitehatlurker · · Score: 2, Funny

    ... I think I have an idea for a great April Fool's prank. But I need all of you to be really, really quiet about this. 'K?

    --
    .. paranoid crackpot leftover from the days of Amiga.
  14. Re:wow by DeadChobi · · Score: 5, Funny

    Speaking of paranoia, someone left a disc labeled "THE TRUTH" on my car the other day. I wonder what I did with it? Oh yeah. I tossed it. If some wanker wants to tell me "THE TRUTH" then they can do it the old fashioned way, with pamphlets.

    I find it a little odd that mine was the only car in the parking lot with such a CD on it. Maybe I shoul@(*$)*@#%^Y@Ba;skONBIAEOSNA NO CARRIER

    --
    SRSLY.
  15. Re:wow by From+A+Far+Away+Land · · Score: 4, Funny

    I came home one day and this horse was waiting outside. Naturally I let it in. Damn Greeks!

    --
    Oh You POS
  16. Re:Anonymous file distribution by BandwidthHog · · Score: 2, Funny

    if I were in possession of photos of the president getting head from Dick Cheney... and I am not

    And that’s the difference between you and me, bub: an 800mm zoom lens.

    Well, that and a very strong stomach.

    --

    Quantum materiae materietur marmota monax si marmota monax materiam possit materiari?
  17. So the Plan is. by Chainsaw76 · · Score: 2, Funny

    1) Buy a crate of USB drives cheap..
    2) Install images and Trojans on all of them
    3) sell them on ebay one at a time.
    4) Harvest the spoils.
    5) Profit!

    -Jason

  18. Re:wow by Foobar+of+Borg · · Score: 2, Funny
    I am reminded of the ancient warning, "Beware of geeks bearing GIFs"

    I thought it was "Beware of geeks baring in GIFs"

    --
    Similar to the upcoming US election results
  19. Re:Pretty scary. by ydra2 · · Score: 2, Funny

    Tell that to the many Paypal victims...

    Yeah I know. My PayPal acount has been flagged for suspicious activity three time this month already and each time I had to reset my password and re-enter all my credit card information.