Yes, since most modern chargers and cables have internal chips to communicate capabilities with for things like fast-charging. It is not difficult to have the chip identify itself as something else, and execute a payload.
A common attack method is to have it show up as a keyboard, and execute a series of key-sequences when connected to a computer (like opening and executing things through a command prompt).
It is also why you should try and avoid plugging random USB cables/chargers into your phone/computer when out and about, since you don’t exactly know if the other end is what it appears to be.
Yeah, I’ve read a bunch of articles over the last few years about how a lot of law enforcement agencies are finding that instead of getting a warrant and doing a bunch of surveillance they can just buy people’s private data from a data broker and get more info than they would have been able, or allowed, to gather if they’d gotten the warrant.
I think i read somewhere that the cia said they dont install bugs anymore because now ppl do that themselfs.
It’s also a lot easier to do it in software, since you don’t need to splice wires and leave physical traces like you would have had to do in the day.
A well-configured charger or Flash drive can do that job for you, and can spread itself.
USB charger ?
Yes, since most modern chargers and cables have internal chips to communicate capabilities with for things like fast-charging. It is not difficult to have the chip identify itself as something else, and execute a payload.
A common attack method is to have it show up as a keyboard, and execute a series of key-sequences when connected to a computer (like opening and executing things through a command prompt).
It is also why you should try and avoid plugging random USB cables/chargers into your phone/computer when out and about, since you don’t exactly know if the other end is what it appears to be.
Yeah, I’ve read a bunch of articles over the last few years about how a lot of law enforcement agencies are finding that instead of getting a warrant and doing a bunch of surveillance they can just buy people’s private data from a data broker and get more info than they would have been able, or allowed, to gather if they’d gotten the warrant.