Results 1 to 4 of 4

Thread: Fake USB Flash Drives

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Diamond Member AndyD's Avatar
    Join Date
    Jan 2010
    Location
    Cape Town
    Posts
    4,923
    Thanks
    576
    Thanked 934 Times in 755 Posts

    Fake USB Flash Drives

    I've come across more than one large capacity USB flash drive recently which is in reality half the memory size or less than it's supposed to be.

    The latest one I've come across also had several virusses pre-loaded. It was not name branded and was acquired from a street vendor. It had a sticker on it saying it was supposed to be 8gb and had 2 executables in the root along with an autorun inf file to execute them. Luckily I have autorun disabled on all my machines for exactly this reason and my AV immediately went bezerk begging and pleading to quarantine the contents. One of the executables is scripted primarily as a keylogger, the other I'm not too sure about but it's probably an svchost. The drive has a low level hack applied to it causing it to show as a 8gig capacity on Linux and Windows OS. Windows native disk utilities reformatting or reinitialization makes no difference to it's reported size.

    I made a tool adapting a delete program I wrote which makes a file in the root and fills it with asterisks to securely overwrite any residual data on the drive. It picked up that the actual drive size is slightly under 4gb before write failure occurred.

    The bottom line is that these flash drives are a security risk as well as an out and out con. Saying that, it actually cost considerably less than a 4 gig stick is generally available for at retail prices so depending how you look at it, it might not be a con.

  2. Thank given for this post:

    Dave S (02-Aug-10), garthu (01-Aug-10)

  3. #2
    Gold Member Mark Atkinson's Avatar
    Join Date
    Jul 2010
    Location
    Melbourne, Australia
    Posts
    796
    Thanks
    212
    Thanked 150 Times in 117 Posts
    Blog Entries
    12
    As far as I'm concerned, I will never buy no-name brand hardware. I've had too many bad experiences with them. Despite the chance of it being a con like you have mentioned, they are more often than not slower and do not last nearly as long as the more trusted brands do. On the whole anyway.

    I bought myself a Kingston 8gb flash and I've never looked back!

  4. #3
    Gold Member garthu's Avatar
    Join Date
    Dec 2008
    Location
    Midrand
    Posts
    595
    Thanks
    39
    Thanked 65 Times in 55 Posts
    One of the executables is scripted primarily as a keylogger
    Thats fairly scary, thanks for the heads up on that. Amazing how these guys come up with this stuff to get access to your pc!
    Garth

    Electric fence Installation : www.midrand-electronics.co.za
    Free Classified Adds : www.bgone.co.za

  5. #4
    Diamond Member AndyD's Avatar
    Join Date
    Jan 2010
    Location
    Cape Town
    Posts
    4,923
    Thanks
    576
    Thanked 934 Times in 755 Posts
    Quote Originally Posted by garthu View Post
    Thats fairly scary, thanks for the heads up on that. Amazing how these guys come up with this stuff to get access to your pc!
    I'm sure they get a pretty good hit-rate. Most people have blind trust of new equipment being clean and Kosher and it's not unusual to find a whole host of legitimate executable files on a new external drive or flash drive.

Similar Threads

  1. [Question] Solid State Hard Drives
    By Chatmaster in forum Technology Forum
    Replies: 12
    Last Post: 25-Jun-09, 01:08 PM

Did you like this article? Share it with your favourite social network.

Did you like this article? Share it with your favourite social network.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •