USB C adapter hackable?

[Momo50]

Hi folks!

 

Is it possible that a USB C to Ethernet adapter (or whatever USB adapter) could be hacked/tampered to contain malware? Without visible proof of manipulation, I mean.

 

I've read some articles about malware installed in the firmware of USB cables/devices/dongles, but I couldn't get any clear conclusions. Does the hack have to be done when originally assembling the cable/device/etc or can a "clean" cable/adapter/etc be manipulated afterwards (and then sent to the victim)?

 

I've bought a known brand adapter (Belkin) but the box seemed to be opened previously... Yeah, it might just be a previously returned unit, but ignorance gives wings to weird thoughts after reading some security articles...

 

Thanks a million in advance!

[Quackers101]

hackable? yes please!

Depends on what you buy, some are just wired in a way with some controllers I guess?

Which doesn't mean much, while shady storage units could contain anything, from USB drive with malware etc. Else you only need to open up and see inside, if it's tampered or if you bought a new one, return for a new unit if you believe it has been tampered with (could be the post office checking the package?).

[Momo50]

12 minutes ago, Quackers101 said:

hackable? yes please!

Depends on what you buy, some are just wired in a way with some controllers I guess?

Which doesn't mean much, while shady storage units could contain anything, from USB drive with malware etc. Else you only need to open up and see inside, if it's tampered or if you bought a new one, return for a new unit if you believe it has been tampered with (could be the post office checking the package?).

Hi Quackers101!

 

Thanks soo much for replying! Besides the box having been opened (for sure, celo tapes of the box are cut), the adapter doesn't seem to have been tampered, visually talking. Do these kind of malware for USB cables/hubs/adapters (not talking about USB drives) need to physically tamper the item or can they just be introduced via software -and so being undetectable to the eye?

[Quackers101]

4 minutes ago, Momo50 said:

Hi Quackers101!

 

Thanks soo much for replying! Besides the box having been opened (for sure, celo tapes of the box are cut), the adapter doesn't seem to have been tampered, visually talking. Do these kind of malware for USB cables/hubs/adapters (not talking about USB drives) need to physically tamper the item or can they just be introduced via software -and so being undetectable to the eye?

if it's legit and stuff, while doesn't seem like it has been opened or broken?

likely fine, you wouldn't able to add anything, unless they did add anything else inside. it would be worse if the unit is bad, and has bad ports that are either live (live current around the port) which is sometimes on much worse chinese products or made wrong. But if you don't feel there is anything wrong, then it might have just been used before, so did you buy it used or what? mostly unknown used drives you have to be more careful with.

[Momo50]

2 hours ago, Quackers101 said:

if it's legit and stuff, while doesn't seem like it has been opened or broken?

likely fine, you wouldn't able to add anything, unless they did add anything else inside. it would be worse if the unit is bad, and has bad ports that are either live (live current around the port) which is sometimes on much worse chinese products or made wrong. But if you don't feel there is anything wrong, then it might have just been used before, so did you buy it used or what? mostly unknown used drives you have to be more careful with.

Nope, I didn't buy it as used or refurbished, it was supposed to be new, but somehow it came opened. Don't know if it was used before or it was just the box, but at least the adapter seems to be perfectly fine, I mean, untampered. Haven't used it yet as I wanted to get more info about this...

 

Thanks again!

[Momo50]

13 minutes ago, James Evens said:

Nobody would spend that time/money on a random amazon return. Usually you would target such attacks.

 

Just think about it:

1. it is a physical item so you need logistics

2. if chip level access is required you need skill and time to dissemble it

3. if it can be done by software you still need the logistics and once discovered it is "burned"

 

Honestly if I would want to make money social engineering and fishing emails are the way to go.

Hi James! And thanks for your reply What do you mean (in point 3) by "burned"? I'm sorry, I'm afraid I don't get point 3.

 

But, I get the point of what you're saying: it's highly unlikely to suffer such an attack me being a random guy. Problem is, one reads articles about Bad USB and Ninja USB and gets a little paranoid. For example, this one (https://www.mitnicksecurity.com/blog/the-latest-malware-threat-the-usb-ninja-cable), which btw I find a little absurd as it tries to explain what an average user can do to avoid being a victim to finally end up saying that nothing at all can be done... That's why the info I found about this topic confused me a lot.

[Quackers101]

9 minutes ago, Momo50 said:

Hi James! And thanks for your reply What do you mean (in point 3) by "burned"? I'm sorry, I'm afraid I don't get point 3.

 

But, I get the point of what you're saying: it's highly unlikely to suffer such an attack me being a random guy. Problem is, one reads articles about Bad USB and Ninja USB and gets a little paranoid. For example, this one (https://www.mitnicksecurity.com/blog/the-latest-malware-threat-the-usb-ninja-cable), which btw I find a little absurd as it tries to explain what an average user can do to avoid being a victim to finally end up saying that nothing at all can be done... That's why the info I found about this topic confused me a lot.

Ninja USB or whatever is mostly in a PUBLIC setting.

To ports on airports and the like, were devices can be connected to the internet or messed with or placed shadey USB ports.

Which is why they always recommend charging your phone or laptop only in the wall and not through some USB variant. More so if your role has a high security risk.

 

Also that the ports on your laptop etc, if left alone the attack by someone adding an USB stick into your port without knowing and pushing something onto your computer. *goes around the cafe shops to see if anyone got some bitcoins in their wallet* jk...

 

Mostly not something you need to worry about that much? also one way to see if an cable is shady, if the connector is bigger than usual were an small PCB with stuff added to it. again if it's legit, this will likely never happen. unless you buy some shady stuff from wish

[Momo50]

2 minutes ago, Quackers101 said:

Ninja USB or whatever is mostly in a PUBLIC setting.

To ports on airports and the like, were devices can be connected to the internet or messed with or placed shadey USB ports.

Which is why they always recommend charging your phone or laptop only in the wall and not through some USB variant. More so if your role has a high security risk.

 

Also that the ports on your laptop etc, if left alone the attack by someone adding an USB stick into your port without knowing and pushing something onto your computer. *goes around the cafe shops to see if anyone got some bitcoins in their wallet* jk...

 

Mostly not something you need to worry about that much? also one way to see if an cable is shady, if the connector is bigger than usual were an small PCB with stuff added to it. again if it's legit, this will likely never happen. unless you buy some shady stuff from wish

Hahaha thanks mate! No shady stuff at all, just some extremely boring tasks.

 

Cheers!