Does it affect me? Why do I need it?
- If you don't use any USB device at all, then, of course, you don't need a USBCondom. But how can you read this page? :)
- But if you have USB cables for charging phones, flash drives and everything that works with USB, we would recommend such protection. If you charge your phone in cafes, airports or offices using public USB ports, all your data may fall into the wrong hands. Or it can fry your device.
Could you tell more about these attacks?
- Juice jacking is a type of cyber attack involving a charging port that doubles as a data connection. This often involves either installing malware or surreptitiously copying sensitive data from a smart phone, tablet, or other computer device. [link]
- USB Killer is a device appearing as a USB thumb drive that sends high-voltage power surges into the device it is connected to, threatening to damage hardware components. The device has been designed to test components for protection from power surges and electrostatic discharge.
- BadUSB. https://www.youtube.com/watch?v=nuruzFqMgIw https://en.wikipedia.org/?title=BadUSB https://www.wired.com/2014/07/usb-security/
Some news and articles about attacks made via USB
- Former Student Used “USB Killer Device” to Destroy Computer Equipment and Caused More than $58,000 in Damage: https://www.justice.gov/usao-ndny/pr/former-student-pleads-guilty-destroying-computers-college-st-rose
- Malicious Software Campaign Targets Apple Users in China: https://bits.blogs.nytimes.com/2014/11/05/malicious-software-campaign-targets-apple-users-in-china/
- Another Cyberattack Spotted Targeting Mideast Critical Infrastructure Organizations: https://www.darkreading.com/attacks-breaches/another-cyberattack-spotted-targeting-mideast-critical-infrastructure-organizations/d/d-id/1330679
- Вредоносные USB-устройства как вектор атаки: https://www.kaspersky.ru/blog/weaponized-usb-devices/22648/
USB Condom is Open-source hardware
All Condoms are open sourced, and our repositories are open to your Pull Requests to make the project better :)
Scheme and BOM (Bill of materials) are available: usb-c0nd0m (main) and a fork at GitHub.
What is DC20e6?
DC20e6 is a community for people interested in studying modern technologies and applying them in an unusual way which often implies information security and everything the positive meaning of the word "hacking" includes.
You can make BadUSB device on your own for FREE
- ~$3 USB Killer https://hackernoon.com/this-3-diy-usb-device-will-kill-your-computer-33c4bdb1da40
- PoisonTap - siphons cookies, exposes internal router & installs web backdoor on locked computers
- P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming and physical engagements ... or into "A Little Offensive Appliance".
- DeviceKey from DC20e6 is a framework for testing any USB devices.