Trojan virus spreads via PC mouse

Think your computer or network can get a Trojan virus or malware only via a malicious website or an infected flash drive? Think again: even a mouse can get the job done, too.

A modified mouse —and almost any hardware device that can be plugged into a computer— can potentially infect a network, as shown in a recent hack by security firm Netragard.

"(We used) electronics which include a teensy microcontroller, a micro USB hub, a mini USB cable (we needed the ends) a micro flash drive (made from one of our Netragard USB Streamers), some home-grown malware (certainly not designed to be destructive), and a USB device like a mouse (or) whatever else someone might be tempted to plug in. When they do plug it in, they will be infected by our custom malware and we will use that point of infection to compromise the rest of the network," Netragard said in a blog post.

Netragard said the challenge had been to penetrate a network with a single IP address bound to a firewall that offered no services.

Other limitations included no use of social networks, telephone, email or physical access to the network to be penetrated.

For its project, Netgard used a fancy Logitech USB mouse fitted with a microcontroller and a tiny USB flash drive where the malware is stored.

But even without the flash drive, Netragard noted it "could still instruct the mouse to fetch the malware from a website."

Netragard also created custom malware for the antivirus software that the target computer is using.

"We wanted our malware to be able to connect back to (us) but we needed more than that. We needed our malware to be fully undetectable and to subvert the 'Do you want to allow this connection' dialogue box entirely. You can’t do that with encoding," it said.

Netragard then shipped the mouse to the target, making it look like a promotional gadget so the victim will use it.

"Sure enough, three days later the mouse called home," it said.

Public unaware of threat

Infoworld's Roger Grimes said that many are unaware that hardware, especially a mouse, can be used to deliver auto-launching exploit code.

"IT security admins must understand that a computer can be compromised by almost any hardware device plugged into it. Hardware is hardware —the instructions coded into it and its firmware takes precedence over software. When we talk trust boundaries in computer security, you always have to remember the hardware boundary must be discussed and defended," Grimes said.

"If I, as the attacker, can convince a victim to plug in some sort of hardware or if I plug it in myself, then it is, for all intense purposes, game over. If I can plug something into your USB, DMA, FireWire, and now mouse port, I'll likely succeed in carrying off a malicious action," he added.

Grimes said end-user education is always worth the effort.

"Let your end-users know that anything they plug into their computer could launch malicious code. That free USB key at the conference show? They shouldn't plug it in, nor should they attach free mice, free keyboards, or whatever if they are at elevated risk of physical attack," he said. — TJD, GMA News

Editor’s note:Yahoo Philippines encourages responsible comments that add dimension to the discussion. No bashing or hate speech, please. You can express your opinion without slamming others or making derogatory remarks.

  • Lenten procession more than just a spectacle VERA Files - The Inbox

    Text and photos by Kiersnerr Gerwin Tacadena, VERA Files Baliuag, Bulacan--This town is hosting what could be the country’s biggest Lenten procession consisting of more than 100 religious statues riding on carriages or carrozas. But concerns are being raised that … Continue reading → …

  • Holy Week in Mt Banahaw: Mysticism meets Catholicism VERA Files - The Inbox

    Text and photos by Patricia Isabel Gloria, VERA Files Dolores, Quezon—Around this time each year, hundreds of devotees flock to Barangay Sta. Lucia in Dolores, Quezon on the slopes of Mount Banahaw to celebrate Holy Week. Here, mysticism meets Catholicism, … Continue reading → …

  • Simbang lakad for Lolo Uweng VERA Files - The Inbox
    Simbang lakad for Lolo Uweng

    By April Anne Benjamin, VERA Files San Pedro, Laguna--For 14 Maundy Thursdays now, Inding Amoranto has prayed the rosary while walking the eight-kilometer distance from her house to the Shrine of Jesus in the Holy Sepulcher in the village of … Continue reading → …

Poll Choice Options