Wandering in Fields of Idiots

My Blog

Hardware Trojan Devices

| Comments

So, I was reading an article which described how a penetration testing company managed to get past a firewall by posting an employee a specially rigged mouse! The idea was that my embedding a micro-controller in the mouse which could be programmed to disable the virus protection on a computer and then load some Trojan vector. The real difference in this design was that it didn’t depend on a USB memory stick and autoload, it used HID keyboard commands instead.

One of the comments in The Register article made me think, the suggestion was basically this could be more than just a mouse. That had me thinking:

Why not put a 2G modem embedded in the keyboard!? Not just a dumb one, but one programmed to accept an incoming connection or create a reverse connection to the hacker. An mbed processor could act as the infection vector controller, or perhaps even one of the modems with embedded python-on-a-chip just to make it neat?

Then wow, that is a really big security risk and not that difficult to achieve. OK hackers, you have your next project, get going!