USB Charger Bug

Wi-Fi+ Vulnerability

Introduction

Imagine this. You enter a room in your corporate facility ahead of a meeting. You realize you need to charge your device and notice that there’s already a charging brick plugged into the wall. Relieved, you take out your USB cable, plug it into the brick, and your device begins charging as expected. The meeting begins, and you don’t think anything of the USB charger sitting innocently in the room. However, this seemingly innocuous USB charger pictured to the right is actually a sophisticated video and audio surveillance device acitvely exfiltrating video and audio out of your “secure” meeting room. Let’s dive in.

This information is provided for general awareness and defense purposes only.  This information also is not intended to be a complete description of the functionality or risks of the identified tools.

What is A USB Charger Bug?

These commercially available charging bugs are nearly impossible to distinguish from its harmless twin upon first inspection. They still function as expected, providing charging services to the user. However, upon a closer inspection of the wireless activity in this space, you would realize that this device is actually connected via Wi-Fi, Bluetooth, or another RF protocol depending on the model, and actively exfiltrating video and audio.

How Does it Work?

Via the embedded camera and microphone, this USB charger bug is able to stealthily exfiltrate video and audio from any location straight to a malicious actor’s device. With its wireless connectivity, the hacker does not even need to be in the same room to access this video and audio feed provided by the bug.

CTO Dr. Brett Walkenhorst defines Wireless Threat Intelligence, setting the scene for our discussion here of detecting wireless hacker devices like the USB Charger Bug

How Can I Uncover a USB Charging Bug?

Despite its seemingly benign physical appearance, these USB charging bugs are anything but. Using wireless intrusion detection systems and continuous monitoring, like the services offered by Bastille’s system, you will be able to detect any wireless device within your space, including this wireless USB charging bug, both in its connected and beaconing state. This visibility will allow you to take prompt action to address the threat to your organization’s security.

What Can I Do to Defend Against This Threat?

Bastille recommends a few security best practices for this type of threat:

  • Implement Wireless Monitoring in Your Space: Gaining visibility into the wireless activity within your space is key when trying to identify relatively innocuous devices such as these commercial tagging devices.
  • Be Wary of Public Charging Areas: Anytime that you are using public charging stations, be wary of the cables and USB charging blocks that are in use.
  • Update and Enforce Your Security Policy: Establish and educate upon a corporate policy for all employees regarding these types of devices to help keep your space secure.
  • Stay Up to Date: The landscape of wireless security is constantly evolving. In order to defend against these threats, you need to know what’s out there. Check out our recent webinar on Wi-Fi Vulnerabilities in which CTO Dr. Brett Walkenhorst dives into the Wi-Fi protocol and covers various hacker devices similar to the USB Charging Bug.