Saturday, February 16, 2019

USB Cable Allows Remote Attacks over WiFi


*Note, ComSec's Cyber TSCM Inspection, Utilizing the "ORIUS WIFI" analyzer would reveal this threat within seconds. Contact us, we can help. J.D.L.~


Like a scene from a James Bond or Mission Impossible movie, a new offensive USB cable plugged into a computer could allow attackers to execute commands over WiFi as if they were using the computer's keyboard.

When plugged into a Linux, Mac, or Windows computer, this cable is detected by the operating system as a HID or human interface device. As HID devices are considered input devices by an operating system, they can be used to input commands as if they are being typed on a keyboard.

Created by security researcher Mike Grover, who goes by the alias _MG_, the cable includes an integrated WiFi PCB that was created by the researcher. This WiFi chip allows an attacker to connect to the cable remotely to execute command on the computer or manipulate the mouse cursor.