USB Thumb Drives that can Fry your System

hardware, Security,
06
May 2015

PC On Fire Shoot

Learn how USB thumb drives can potentially destroy laptops / pcs. We’ll explain how this works and what measures can be taken to protect your computers.

If you happen to find an unknown flash drive in any place that you aren’t familiar with, we strongly advise not to plug it into a computer, especially one that is used for work.  It makes sense when there’s a high element of risk involved. Not only does the possibility of being infected by a virus exist, but as of late, a new type of attack has been created which can physically damage your systems. We have recently learned of dangerous USB thumb drives that are capable of frying a computer or laptop. 

How does it work?

Think of a computer’s ports as physical access points for an attack.

USB-Killer-2

  • An attacker would modify or build a USB thumb drive by using an inverting DC-DC converter to draw power off the USB port.
  • The power drawn from the USB port is then used to create a -110VDC charge on a capacitor bank.
  • Once the caps have charged up, this triggers the converter to shut down.
  • This forces a transistor to propel the voltage from the capacitor over to the port’s data pins.
  • This pattern repeats every time the caps recharge, discharging its high voltage through the port.
  • As long as there’s a bus voltage and high current present, the attack will run its course and overrun the small TVS diodes present on bus lines  of the computer or laptop.
  • Inevitably this will lead to a computer’s components, including possibly the CPU, to fry.
  • With fried components, a laptop or computer will be “dead”.

In typical circumstances a USB thumb drive is design to be protected, and a computer is normally able to dissipate manageable amounts of power, which wouldn’t cause this type of damage.

An example of an attack

A thief had stolen a USB flash drive off a commuter on the subway.  When the thief inserted the flash drive into his computer USB port, the least he’d expected was to see some data. Instead, his computer died as its internal components have been fried.  Although one may think that it was good for the thief to get their just desserts, it addresses a more serious problem- trusting unknown peripherals such as flash drives.

Precautionary measures

Now that we have a good overview of how a USB thumb drive can be engineered to take out a computer, let’s discuss how to prevent such an occurrence.

  • Don’t allow strangers to connect a USB thumb drive in to a mission critical computer or laptop.
  • Don’t plug in USB thumb drives found in public.
  • Do only use thumb drives purchased from reliable retailers or officially provided by an IT administrator.
  • Avoid sharing thumb drives, especially if they leave the premises and return to be used on computers.
  • Aim for individuals to carry their own thumb drives which can safely be used within an office environment.
  • Always question any thumb drives which may be presented to your business by an unknown third party. Even if it lands at your office’s reception desk, have an IT admin check it out first.
  • Have a thumb and flash drive policy in place to cover all of the above as part of your IT security policy.

For more ways to safeguard your computers and IT infrastructure, contact your local IT professionals.

Read More

CryptoWall: Advanced Ransom Malware

Security, ,
04
May 2015

ransomware-161113CryptoWall 3.0, a new variant of the Cryptolocker ransom-ware virus is out causing problems to many businesses. Learn how it works and how to prevent it.

Discovered in late February 2015, CryptoWall 3.0 works very much like the previous versions of this virus, however its strategy to infect systems is somewhat different..

How CryptoWall 3.0 works

  • When the infected file containing CryptoWall 3.0 is opened, the malicious program encrypts all files that it finds mapped over the network.
  • Files become encrypted and unreadable.
  • Only the perpetrator can unlock the code to make it readable again.
  • Once it finishes encrypting all files, it asks for a ransom of around $500USD.
  • This amount is expected to be paid in Bitcoin currency, which is a universal currency used around the world.

Point of entry and identification

CryptoWall 3.0 employs social engineering tactics via phishing emails. These come through with attachments disguised as an “incoming fax report” displaying the same domain as the one the user is on creating a false sense of trust by making them believe it is a legitimate document. Once opened, Cryptowall picks up all mapped drives identified from the host machine it infects and encrypts all of the contents on it as well as the data on the mapped drives.

CryptoWall 3.0 uses .chm attachments, which is a type of compressed file used for user manuals within software applications. Since .chm is an extension of HTML, this allows the files to be very interactive with different types of media such as images, hyperlinked table of contents and so forth. It also uses JavaScript to allow the attack to send users to any website on the Internet, which occurs when a user opens up the malicious .chm file.
Once the file is opened, the attack automatically runs its course.

CryptoWall: More than meets the eye

rouge

Ransom Malware bas been evolving since the first wave of Cryptolocker attacks back in September 2013, which had netted the virus writers over $27,000,000 from claiming ransom money within only a few months of the Cryptolocker operation. Attacks are happening all over the world with detections in Europe, the UK, the US and in Australia.
The sophisticated Cryptolocker and CryptoWall attacks also use botnets, which is a wide network of compromised machines, to be the originators of the attack. Aside from speeding up distribution of the virus, it allows anonymity for the virus writers.

How to prevent CryptoWall 3.0

For more ways to stay protected and safeguard your network, contact your local IT professionals.

Read More

The Declining Firefox Market Share

Office IT,
02
May 2015

chrome_vs_firefox_securos.org_.ua_

Is Firefox as popular as it used to be? A decline in the Firefox market share has proven its loss of user share. Learn why by reading our overview here.

Browsers take long-term data statistics very seriously, as it is a measure of their success in the internet browser market. The popular and widely used browsers today are considered to be Google Chrome, Mozilla Firefox, Internet Explorer, Safari and Opera.

In the past year, Mozilla Firefox’s desktop user share has dropped by a significant 34% and since April 2010, dropped down to a total of 54%.

In recent months and years, Mozilla’s Firefox has continued to lose user share due to other widely used internet browsers gaining popularity. The Firefox browser has dropped to the lowest numbers in the browser market share since its initial release back in 2004 when Internet Explorer had already captured most of browser market.

Less people are using the Firefox browser and they’re increasingly reporting issues related to its use. For instance, there are now fewer browser users discussing bugs and fixes on blogs and forums than ever before. This has led to more problems for Mozilla Firefox.

The rise and fall of user share

browser-war-galit-weisberg

Browser wars as depicted by Galit Weisberg.

 

Let’s look at the rise and fall of user share regarding Mozilla Firefox browser and compare it to other popular browsers.

February saw Mozilla Firefox’s user share on desktop platforms to be down to 18.2%, which was down half a percentage from the previous month.

According to Computerworld, if the trend of losing market share continues at the same rate, this could mean that Firefox would go under 8% by this coming October based on both mobile and desktop users being at a low 9.8%, which is 3.4% down from when they first recorded statistics in July 2014.

Mobile Device Browsers

web-browsers

Since the introduction of smartphones that have been made widely available to the consumer market, users are also accessing the internet on their mobile devices. The drop in user share for Firefox appears to correlate with the increased use of mobile devices. Not even their combined numbers of desktop and mobile device users can make up for this loss in market share.

This is despite having a mobile web browser available on smartphone devices, such as for Apple’s iOS and Google’s Android devices.

According to Computerworld’s records, February’s mobile share usage was less than seven-tenths of 1%.  Google’s Chrome browser has been the biggest beneficiary of the loss of user share suffered by Firefox.

With Chrome being a popular browser choice on mobile platforms, this has helped their share flourish on the overall market. According to Net Applications’ statistics, Chrome along with the former Android browsers it has replaced, takes up a massive share of the market with 41.5%.

Mozilla committed to evolve their services

As Mozilla is focusing on their cloud service to offer an improved browsing experience for mobile and desktop browser users. They have also signed a five year contract with Yahoo to make its search engine a default one for Firefox browser in the United States.

In regards to a snapshot of the current market share for browsers, the order of popularity from highest to lowest includes Internet Explorer, Google Chrome, Safari, Mozilla Firefox and Opera.

For more information on Cloud services and flexible IT solutions, contact your local IT professionals.

Read More