A white hat hacker broke into a bank and left 20 USB tokens lying around the parking lot of the bank for employees to find. When they plugged in the USB token, the Trojan backdoor was installed on the employees' computers and the hacker was into the banks network! Some employees claimed they were being helpful — trying to find the token's owner, others were curious about the token's content, still others thought they had scored a huge USB token and tried unsuccessfully to reformat the token. Unfortunately the new "U3 Technology" on these tokens prevented a hidden partition from being deleted, and it contained a remote access Trojan which installed itself by emulating a cdrom and using WinXP's Cdrom autoplay feature.
sans.org
No comments:
Post a Comment