cybersecurity

3422 readers

15 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 2 years ago

MODERATORS

shellsharks@infosec.pub

tweedge@infosec.pub

Investigating USB-to-Ethernet Dongles With “Malware” Claims (hackaday.com)

submitted 2 days ago by cm0002@lemmy.world to c/cybersecurity@infosec.pub

3 comments fedilink hide all child comments

top 3 comments

sorted by: hot top controversial new old

[–] slazer2au@lemmy.world 21 points 2 days ago* (last edited 2 days ago) (1 children)

TL;DR

It's not malware. The sandboxes flagging this as malware are doing it because the dongle is installing a driver. Like it should do.

Erik Parker did a video reverse engineering the installer and shows the driver doing what it should.
https://www.youtube.com/watch?v=GY87l_uSIuA

[–] Steamymoomilk@sh.itjust.works 1 points 2 days ago

Awwwwh no funny red head dancing man on my computer?? :(

[–] catloaf@lemm.ee 3 points 2 days ago

Both chips have an external SPI Flash option, which is used with the USB side to present a ‘virtual CD drive’ to the user when the dongle is plugged in.

Ah, the bad old days of device drivers. I don't miss them at all.