April 26th, 2007

pinkie pie

Social engineering with USB keys

A comment on a Reg story about USB-key malware led to a great story from about a year ago about a tiger team hired to audit a credit union, who launched a successful social-engineering attack dropping trojan-infected USB keys around the parking lot:

Once I seeded the USB drives, I decided to grab some coffee and watch the employees show up for work. Surveillance of the facility was worth the time involved. It was really amusing to watch the reaction of the employees who found a USB drive. You know they plugged them into their computers the minute they got to their desks.

Full article: Social Engineering, the USB Way.

(Speaking of USB keys: humping dogs.)

Originally posted at rich text.