When it comes to your digital security it’s not just your PC that you have to worry about; almost all of your PC’s peripherals are hackable too. If not susceptible to being taken over entirely, they can at least be used to transmit malware.
Security firms highlight the vulnerability of peripherals all the time by conducting proof-of-concept attacks, which simulate how hackers would gain access to them.
Although these devices don’t run an operating system, most have firmware that can be updated with unsigned code and malware. That malware can hide out in these devices and remain undetected by your security software, which means you may never know it’s there.
1. Webcams
Webcam hacks are some of the more publicized device breaches. Hackers use Remote Access Trojans (RATs) and social engineering (or as is quite often the case, a combination of both) to take control of victims’ webcams remotely – known as camfecting.
Social engineering scams for camfecting attacks often come under the guise of “technical support,” where the cybercriminal claims to want to help the victim fix something wrong with their PC or webcam. Once in, the crims then go about stealing images and / or videos and using these assets to either extort or exploit the victims, usually for financial gain.
While malware is a main tool of webcam hackers, researchers have shown that there are also thousands of webcams out there that don’t even need to be properly hacked with malware for cybercriminals to gain access to them.
These webcams are vulnerable in other ways… some are being used over unsecured peer-to-peer networks and others just have weak or default passwords that can easily be breached.
2. Headphones / headsets
Anything attached to your computer can be hacked – yes, even your headphone or headset.
As proof of that, a team at Ben-Gurion University in Israel created a proof-of-concept attack on a headphone by turning it into a microphone. That’s despite the device not even being equipped with a microphone.
They used an espionage-grade malware known as SPEAK(a)R to switch the headset’s audio ports, turning the output port into an input port. Once this was done, the researchers then recorded user conversations and posted them to the internet as proof of their feat.
The hacked headphones had RealTek audio chips onboard, which can be found in a whole host of audio devices, from speakers to PC motherboards. In targeting devices with RealTek chips, the researchers highlighted the large number of devices vulnerable to an attack of this kind.
3. USB hubs
USB hubs are certainly useful devices since they expand the capabilities of your PC or laptop. But as a bridge between your PC and other devices they are also ideal for hackers to target and use for their own nefarious purposes.
These devices don’t usually come with any kind of firewall or security protection. In fact, most provide a free and open direct line of access to your devices, so hackers can successfully use them as conduits to spread malware.
USB hubs can also be used to intercept data. This is usually achieved when the cybercriminals physically plug a malicious USB flash drive containing malware into the hub that can intercept, download, and sometimes even remotely transmit data.
4. USB cables
The humble USB cable is the last thing you’d expect to have to worry about from a security point of view, but the truth is that even these seemingly benign devices can be used to hack your PC and steal your data and / or credentials.
How do we know this? We recently covered the story of Lumafield’s research into the O.MG cable — a well-known “hacked USB cable” built for covert field use and research.
Lumafield, employed 2D and 3D scanning techniques to uncover hidden hacker hardware located inside the O.MG cable’s connector. It revealed a chip stacked on top of the cable’s microcontroller, which could be used by hackers to intercept data, eavesdrop on phone calls, and even to take full control of your PC.
5. Printers
Printers can be hacked in several ways – directly when cybercriminals connect to them via an open internet connection or security port, via Bluetooth, or by infecting them with malware. Printers often get infected with malware when the user installs malicious software by accident, or when they attempt to print out documents that are themselves harboring malware.
While no one with a printer is immune from being hacked, institutions and companies are particularly vulnerable to printer hacking since cybercriminals can steal their sensitive documents this way — like plans, prototype designs, internal memorandums, or medical records. These documents are usually saved in the printer memory.
Printer hacking really hit the mainstream back in 2017 and 2018, when there were a number of highly publicized printer hacks involving hundreds of thousands of personal printers. Since then, companies have attempted to make printers more secure, but most devices still remain vulnerable.
Connectez-vous pour ajouter un commentaire
Autres messages de ce groupe
For years, Notepad has existed as a bare-bones text editor. No longer
Software is complicated—and I say that with the confident authority o
Microsoft Edge Game Assist has worked its way through Microsoft’s dev
The shooter genre sometimes feels oversaturated with games that, like
