Chinese appliances(including DashCams) are shipping with malware-distributing WiFi chips?

[Street Guardian USA]

I'm calling BS, but still interesting to think about.

http://www.geek.com/apps/chinese-ap...with-malware-distributing-wifi-chips-1575315/
_________________________________________________________
Chinese appliances are shipping with malware-distributing WiFi chips

Apps and SoftwareBy Lee Mathews Oct. 29, 2013 10:35 am

Was the iron in the last hotel room you stayed in made in China? Bad news: it may have been hiding an insidious little chip designed to infect your computer with spam-serving malware.

It’s not just irons that are being used as tiny trojan horses, either. Dashboard cameras, cell phones, and tea kettles have also been found inconspicuously outfitted with the malicious chips. They’re reportedly capable of latching on to any computer within 200 meters that’s attached to an unsecured WiFi network… like the ones in many hotels and coffee shops.

Shipments of modified small appliances are apparently popping up in Russia, but that could just be the tip of the iceberg. It’s entirely possible that the Russian gadgets were the first to be spotted and that similar malware gear has already been shipped to other corners of the globe.

It’s bad enough that you can’t trust that unfamiliar USB chargeryou were just about to plug your smartphone in to, but now you can’t even trust the iron you were going to use to press your slacks.

So what are these sneaky Chinese appliances up to? Right now, it looks like they’re only looking for unsuspecting drones to add to someone’s spam-serving army. Once a machine has been compromised, though, it’s possible that those in control would push additional malware to a victim’s machine.

They may even start sniffing WiFi traffic for usernames, passwords, and payment data being passed around in the open. Until security researchers learn more, you may want to unplug the iron in your next hotel room right after you inspect the mattress for bed bugs.
_________________________________________________________

My original Source: (and plenty of de-bunking talk)
http://www.reddit.com/r/technology/comments/1ps6v3/chinese_appliances_may_contain_wifi_chips/

EDIT: Jokiin posted about this a few days ago as well (Australian site)
http://www.pcauthority.com.au/News/362542,chipped-chinese-kettles-infiltrate-russia.aspx

 

[jokiin]

I posted a link here a day or so ago from an Australian site that ran the same story, not sure how much truth is in it

 

[Street Guardian USA]

I posted a link here a day or so ago from an Australian site that ran the same story, not sure how much truth is in it

I missed your post, the Reddit submission is a few hours old, but the geek.com article is a few days old yeah.

 

[jokiin]

Can't remember where I posted it, just linked to it in a conversation about something else

 

[jokiin]

here it was http://dashcamtalk.com/forum/thread...k-rear-cameras-are-important.2962/#post-33070

 

[Street Guardian USA]

here it was http://dashcamtalk.com/forum/thread...k-rear-cameras-are-important.2962/#post-33070

Ah yes, the"how many of you think rear cameras are important?"thread.
I even posted right before you did there. I didn't subscribe to that one, so let it drift away.

Well it's corny enough to deserve it's own thread. Everyone loves high tech conspiracy theories.

 

[jokiin]

Ah yes, the"how many of you think rear cameras are important?"thread.
I even posted right before you did there. I didn't subscribe to that one, so let it drift away.

Well it's corny enough to deserve it's own thread. Everyone loves high tech conspiracy theories.

yeah the mention of dashcams having this makes it news worthy, not sure if there's any truth to the rumor though

 

[BobDiaz]

"They’re reportedly capable of latching on to any computer within 200 meters that’s attached to an unsecured WiFi network"

That's why your computer should have a Firewall Software installed. There are a number of Firewall Software packages out there, but I like Zonealarm.

http://www.zonealarm.com/security/e...:B001:A002:Exact:U01:T003&term=zonealarm free

 

[kuoh]

I liked ZA back in the day, but I've not been as impressed with the package since the acquisition by Checkpoint. http://www.pcworld.com/article/2058...g-fat-fail-after-the-arrival-of-win-8-1-.html

However, since the primary part of the vulnerability requires your PC to be on an unsecured network, most users should have at least the windows firewall enabled anyway when connecting to those. Also, while many hotels and businesses in the US provide free wifi, most if not all of them also secure the network so only the paying guests can use it. That would prevent the rogue chip from gaining access to the network and search for vulnerable PCs to infect. I don't know if businesses in the rest of the world provides free wifi the same way.

I would be more concerned about "badbios", if it proves to be true, especially if you work a sensitive government agency. http://arstechnica.com/security/201...erious-mac-and-pc-malware-that-jumps-airgaps/

KuoH

"They’re reportedly capable of latching on to any computer within 200 meters that’s attached to an unsecured WiFi network"

That's why your computer should have a Firewall Software installed. There are a number of Firewall Software packages out there, but I like Zonealarm.

 

[jokiin]

I liked ZA back in the day, but I've not been as impressed with the package since the acquisition by Checkpoint. http://www.pcworld.com/article/2058...g-fat-fail-after-the-arrival-of-win-8-1-.html

However, since the primary part of the vulnerability requires your PC to be on an unsecured network, most users should have at least the windows firewall enabled anyway when connecting to those. Also, while many hotels and businesses in the US provide free wifi, most if not all of them also secure the network so only the paying guests can use it. That would prevent the rogue chip from gaining access to the network and search for vulnerable PCs to infect. I don't know if businesses in the rest of the world provides free wifi the same way.

I would be more concerned about "badbios", if it proves to be true, especially if you work a sensitive government agency. http://arstechnica.com/security/201...erious-mac-and-pc-malware-that-jumps-airgaps/

KuoH

generally the way these things are setup though is they emulate a known or popular network, say Linksys or Netgear as their SSID, your computer which is set to remember access points by name will see these 'known' SSID's that you have connected to at some time in the past and attempt to connect

 

[kuoh]

That would be extremely easy to detect and prove, since it has to broadcast the SSID. I didn't see that mentioned in the couple of articles that were linked. I could make a fortune "clearing" appliances in the NSA breakrooms just by walking around with my andorid phone running wifi analyzer. :-D

KuoH

generally the way these things are setup though is they emulate a known or popular network, say Linksys or Netgear as their SSID, your computer which is set to remember access points by name will see these 'known' SSID's that you have connected to at some time in the past and attempt to connect

 

[jokiin]

That would be extremely easy to detect and prove, since it has to broadcast the SSID. I didn't see that mentioned in the couple of articles that were linked. I could make a fortune "clearing" appliances in the NSA breakrooms just by walking around with my andorid phone running wifi analyzer. :-D

KuoH

for sure it's an easy method but things like this just rely on people being lazy with security, do a WiFi scan on any public transport and you see people with open devices all the time, it's even worse at trade shows with thousands of people that should know better, open stuff everywhere

 

[CheckYourLights]

"They’re reportedly capable of latching on to any computer within 200 meters that’s attached to an unsecured WiFi network"

You would be surprised how many people leave their WiFi networks unsecured If you have ever seen people go WarDriving on YouTube you would be a little shocked people leave their regular personal non guest network unsecured i have even seen people set their SSID to their house number and street.

generally the way these things are setup though is they emulate a known or popular network, say Linksys or Netgear as their SSID, your computer which is set to remember access points by name will see these 'known' SSID's that you have connected to at some time in the past and attempt to connect

and then you end up with something like this. Seek to about 3:00 to see the start of the whole idea and about 5:00 he mentions what jokiin is talking about.

 

[jokiin]

I used to watch Hak5 when they first started, haven't watched their stuff for years now

 

[Street Guardian USA]

I just use the built in Windows 8.1 firewall and Defender antivirus. (formerly known as Microsoft Security Essentials)

I haven't had a Trojan, Malware, or virus in many years.

 

[jokiin]

I just use the built in Windows 8.1 firewall and Defender antivirus. (formerly known as Microsoft Security Essentials)

I haven't had a Trojan, Malware, or virus in many years.

I use the same but I think a lot of comes down to common sense, my Dad gets viruses all the time but he keeps downloading free crap off the internet, can't educate him unfortunately, he's in his 80's and won't listen, or just forgets anyway

 

[kuoh]

Currently, no anti-malware application is 100% effective. Not sure if they ever will be. Having a job in the IT support field, I have had to sanitize infected PCs running all major paid and many free anti-malware applications. As Jokiin said, it comes down to user education. The ones that know not to open any suspicious emails, let alone click on the included attachments, usually have little to no trouble. The ones that believe they've won a lottery that they've never entered, have unknown UPS, FEDEX, DHL packages or tax refunds waiting for them are usually the ones that cause the most problems. Then there are the ones that will click on any Facebook, Twitter, Skype or other social networking & IM link.

While you've had good luck with MSE, I could probably Google up a few links for you to follow that will likely lead to your system being compromised in a short period of time. The primary benefit of these AV packages is to catch and fix well known threats, and even then it fails to perform on some of those.

KuoH

I just use the built in Windows 8.1 firewall and Defender antivirus. (formerly known as Microsoft Security Essentials) I haven't had a Trojan, Malware, or virus in many years.

 

[Street Guardian USA]

I've read that MSE is by no means "the best" but I don't want my machine bogged down by additional 3rd party services when I know my common sense, and always being up to date with patches will protect me more than anything else. I too have seen it all from an IT Support perspective. I was an IT Support Specialist at Hewlett Packard for 13 years. (including IT Executive Support for the CEO/VP's)

 

[jokiin]

I've read that MSE is by no means "the best" but I don't want my machine bogged down by additional 3rd party services when I know my common sense, and always being up to date with patches will protect me more than anything else. I too have seen it all from an IT Support perspective. I was an IT Support Specialist at Hewlett Packard for 13 years. (including IT Executive Support for the CEO/VP's)

I've done IT also, how frustrating is it when those higher up the chain are the biggest luddites when it comes to technology, even more so when it's a tech company you're working for

 

[kuoh]

Seems that some problems are the same no matter the reigional culture or geography. By the way Jokiin, don't send out any emails about winning some free dashcam contest, or I just might have to report you to the FBI, CIA, NSA, FDA & ASPCA! ;-)

KuoH

I've done IT also, how frustrating is it when those higher up the chain are the biggest luddites when it comes to technology, even more so when it's a tech company you're working for