Evil Maid USB Malware Steals TrueCrypt Software Encryption Passwords
Joanna Rutkowska, virtualization and security researcher, has released proof-of-concept malware that allows an attacker to steal software encryption passwords. Her current version is designed to attack TrueCrypt software encryption, but it can be evolved to attack any other software encryption product, and even BitLocker on a TPM-enabled machine.
The attack works like this:
1. you leave your computer in your hotel room while you go to the gym to work out.
2. the maid enters the room, and inserts a bootable USB flash drive or bootable hard drive into your computer.
3. the maid boots your computer, which boots off the USB drive.
4. the drive installs low-level malware into your computer, modifying the TrueCrypt loader and master boot record.
5. you come back from the gym and boot your computer, and enter your software encryption password.
6. the malware logs your password and stores it on the computer.
7. the next day, the evil maid can steal your laptop, or use another bootable tool to extract your password and decrypt your computer.
One of Joanna’s suggested workarounds was to lock your laptop up when you leave it in your room, or to never leave your laptop unattended, even if turned off.
I suggest that a better approach might be to store your important information on a hardware-encrypted IronKey USB device. It’s small enough to take with you to the gym, and it’s even waterproof so you can take it into the shower!
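A defender's check for step 4 of the attack above, added here as an example and not code from Joanna Rutkowska or TrueCrypt: it hashes the boot region of a disk and reports which parts differ from a baseline recorded while the machine was still trusted. It assumes the master boot record and loader occupy the first 63 512-byte sectors of the boot drive; the function names are hypothetical and the sample disk data is constructed.

```python
import hashlib

SECTOR = 512
BOOT_SECTORS = 63      # assumption: MBR plus the rest of the first track
MBR_CODE_END = 440     # bytes 0-439 of sector 0 are boot code in a classic MBR

def read_boot_region(path):
    """Read the boot region from a raw device or image file."""
    with open(path, "rb") as f:
        data = f.read(SECTOR * BOOT_SECTORS)
    if len(data) != SECTOR * BOOT_SECTORS:
        raise ValueError("short read: boot region is incomplete")
    return data

def make_baseline(region):
    """Hash the MBR boot code, the rest of sector 0, and every later sector."""
    if len(region) != SECTOR * BOOT_SECTORS:
        raise ValueError("expected exactly %d bytes" % (SECTOR * BOOT_SECTORS))
    # Sector 0 is split so a partition-table edit is not reported as a code change.
    parts = {"mbr-code": region[:MBR_CODE_END],
             "mbr-tables": region[MBR_CODE_END:SECTOR]}
    for n in range(1, BOOT_SECTORS):
        parts["sector-%d" % n] = region[n * SECTOR:(n + 1) * SECTOR]
    return {name: hashlib.sha256(blob).hexdigest() for name, blob in parts.items()}

def compare(baseline, region):
    """Return the names of regions whose hash differs from the baseline."""
    current = make_baseline(region)
    return [name for name in baseline if baseline[name] != current[name]]

def demo():
    # Constructed sample: a blank 63-sector boot region with a boot signature.
    clean = bytearray(SECTOR * BOOT_SECTORS)
    clean[510:512] = b"\x55\xaa"
    baseline = make_baseline(bytes(clean))   # recorded while the machine is trusted
    tampered = bytearray(clean)
    tampered[0x20] ^= 0xFF                   # one byte of MBR boot code altered
    tampered[5 * SECTOR + 7] ^= 0xFF         # one byte inside the loader area altered
    return compare(baseline, bytes(clean)), compare(baseline, bytes(tampered))

if __name__ == "__main__":
    print(demo())
```

Run the comparison from boot media you carry with you and keep the baseline off the laptop, since a tampered boot path cannot be trusted to report on itself.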