November 11th, 2013, 05:02 PM | #1 |
wat
Name: wat
Location: tustin/long beach
Join Date: Sep 2009 Motorcycle(s): wat Posts: Too much.
Blog Entries: 5
MOTM - Oct '12, Feb '14
|
newest malware attacks usb
it gets passed around by performing a buffer overflow on the intel firmware in all current-gen intel usb devices. actively works to restore itself using ... get this... ultrasonic communication through sound devices that is inaudible to humans if it doesn't have a network connection available.
get this, even the international space station's systems are infected with this thing after a russian brought up a USB drive that was infected. it seems nobody really knows what the thing does. but the sheer complexity and elaborate attack vector used clearly points at the intelligence community. hearing what the 'experts' have to say about this thing is kinda spooky. don't use other people's usb drives.
__________________________________________________
|
|
November 11th, 2013, 05:05 PM | #2 |
Certifiable nontundrum
Name: Harper
Location: NC Milkshake stand
Join Date: Mar 2013 Motorcycle(s): 2013 SE NINJA 300 Posts: Too much.
MOTM - Sep '13, Sep '16
|
Scary stuff!
__________________________________________________
|
|
November 11th, 2013, 05:29 PM | #3 |
The Corner Whisperer
Name: Chris (aka Reactor)
Location: Northern KY
Join Date: May 2011 Motorcycle(s): 2010 250 (track), 1992 250, 2006 R6 (street/track), 2008 R6 (track) Posts: Too much.
MOTY 2015, MOTM - Nov '12, Nov '13
|
Well now... since it's on the space station. It's just a matter of time, prepare now!
__________________________________________________
|
|
November 11th, 2013, 05:58 PM | #4 |
ninjette.org member
Name: Patrick
Location: Coronado, CA
Join Date: Jun 2013 Motorcycle(s): 2015 zx6r Posts: 176
|
seriously doubt the 'restoring itself through speakers' thing. what does it use to capture the communicated sound? not a whole lot of people have microphones good enough to grab those kinds of sounds, not to mention the interference between speaker and microphone.
just doesn't seem plausible to me. edit: also, don't just allow anything you plug into your computer to do anything it likes. KNOW what it is before you plug it in; those "are you sure?" prompts aren't there to annoy you. |
|
November 12th, 2013, 08:50 AM | #5 |
ninjette.org certified postwhore
Name: Al
Location: York, Pa
Join Date: Dec 2012 Motorcycle(s): 2013 Ninja 300..............2008 Ninja 500-sold...2009 Ninja 250-Crashed Posts: Too much.
MOTM - Sep '14
|
|
|
November 12th, 2013, 06:02 PM | #6 |
ninjette.org certified postwhore
Name: Colin
Location: Bay Area
Join Date: Feb 2011 Motorcycle(s): '96 EX250 Posts: A lot.
|
This smells like some kind of weird hoax to me. I guess in some ways it's feasible but immensely impractical. The airgapped target would have to be physically infected and then you'd basically need to be within LOS to collect data... Assuming the target even has speakers attached if I'm understanding correctly? It all just seems really weird and improbable.
__________________________________________________
|
|
November 12th, 2013, 11:58 PM | #7 |
ninjette.org member
Name: Patrick
Location: Coronado, CA
Join Date: Jun 2013 Motorcycle(s): 2015 zx6r Posts: 176
|
dug up a couple threads from tech websites, and the general consensus is that "badbios" is definitely a thing - it's not a new type of virus, though. it writes to the bios so that it can withstand an hdd wipe, and in some cases you have to replace the physical bios chip itself in order to get rid of it.
the whole communicating via mic/speakers thing seems to be little more than hearsay, though. SO. back up your files regularly, practice safe computer use (don't give random programs access to everything), etc. |
|
November 13th, 2013, 09:02 AM | #8 |
ninjette.org certified postwhore
Name: Colin
Location: Bay Area
Join Date: Feb 2011 Motorcycle(s): '96 EX250 Posts: A lot.
|
__________________________________________________
|
|
November 13th, 2013, 09:33 AM | #9 |
ninjette.org certified postwhore
Name: Al
Location: York, Pa
Join Date: Dec 2012 Motorcycle(s): 2013 Ninja 300..............2008 Ninja 500-sold...2009 Ninja 250-Crashed Posts: Too much.
MOTM - Sep '14
|
When one of my users gets a virus, I do a 3 pass wipe of their Hard Drive. Now I will also flash the bios as well.
|
|
November 13th, 2013, 11:26 PM | #10 |
ninjette.org certified postwhore
Name: Colin
Location: Bay Area
Join Date: Feb 2011 Motorcycle(s): '96 EX250 Posts: A lot.
|
The point is that this rootkit can potentially survive a reflash...
__________________________________________________
|
|
November 14th, 2013, 01:59 PM | #11 |
Your face
Name: Wes
Location: SF Bay Area
Join Date: Jul 2013 Motorcycle(s): 2014 Honda CBR650f Posts: A lot.
|
Sounds like this affects Macs just as bad as Windows. Pooooh
__________________________________________________
"even a proper fitting helmet can 'get loose'" -csmith |
|