
SANS ISC: Did any digital nasties show up under your tree this year? - Internet Security | DShield SANS ISC InfoSec Forums


Did any digital nasties show up under your tree this year?

As many of our readers may recall, over the past two years we had numerous reports of infected digital devices arriving as Christmas and holiday presents. We believe that the global manufacturing process has improved in response to consumer complaints, but there is always the possibility that something got through due to the complexity of the digital supply chain. Let us know via our contact form if you, your family, or your friends found any malicious "value-added features" in electronic hardware given or received as gifts. We are especially interested in USB devices such as photo frames, GPS units, and external hard drives, since they seemed to be the items most vulnerable in the past.

Otherwise, have a safe and happy holiday season and best wishes to you and your families.

Marcus H. Sachs
Director, SANS Internet Storm Center

I understand the concern about the manufacturing process, but my guess is that many of these were infected in the retail store, not in the factory. How many were display models that were repackaged at the store, after being accessible to the public? How many had their packaging opened and resealed?

It's a pretty common way for the bad guys to get trojans and rootkits onto boxes - plug a USB into a display model and then run the software. Unfortunately, in many places (Best Buy, Future Shop, etc.), these display models are run wide open on the store floor. Someone then buys the display model thinking they are getting a deal and boom, a new zombie and bot node on the net.
Anonymous
I doubt there are many people out there traveling from Best Buy to Best Buy putting rootkits on display models. That seems like a terribly inefficient means of distributing malware and building a botnet when they could just spend a few minutes on Facebook or MySpace and add 10 times the number of bots.

Geeks are lazy, minimal effort, maximum outcome.
Anonymous
