USB Switchblade: analyzing a threat

Discussion in 'malware problems & news' started by Rmus, Dec 22, 2006.

Thread Status:
Not open for further replies.
  1. Rmus

    Rmus Exploit Analyst

    Mar 16, 2005
    In another thread, Ice_Czar posted an article on malware, named USB Switchblade. Since further discussion of this would veer away from the original topic, I'm making a new thread.

    Articles like that one are frustrating because they give no details about how the exploit "gets into the system." No basis for analysis. So, you have to dig further.
    End of threat. Or should be. What home user here has a personal computer that could be accessed by an unauthorized user?

    If corporate, same thing: can anyone else access your computer at work without your permission? (omitting someone taking it apart, etc; also omitting what company policies permit monitoring, etc).

    If, in some unusual circumstance unauthorized access to your computer occurred, then:
    Could someone insert a USB drive and run a program that wasn't already installed on your computer?
    Try it. Put a program from a friend's computer on a USB drive and see if it will run on yours. Just some little freeware that is a self-contained executable. If it runs, then that aspect of your security needs bolstering. See the "other anti-malware software" forum.

    If you analyze threats and take them back to the point at which they are installed, you find that the techniques haven't changed much, and can be dealt with in a logical way.



    "Talking About Security Can Lead To Anxiety, Panic, And Dread...
    Or Cool Assessments, Common Sense And Practical Planning..."
    --Bruce Schneier​
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    May 9, 2005
    Physical access = game over.
Thread Status:
Not open for further replies.