the NSA had developed the Stuxnet worm in tandem with the Israelis, and said thumb drives were first used to introduce the virus into the Natanz plant in 2008.
I been telling people this for a few years now that it was almost certainly thumb drives that got Stuxnet into the Iranian sites....idle geeks hands and thumb drives are the devil's playthings :-)
I'd love to get a look at the thumbs they used to distribute Stuxnet.
From an earlier post I made a while back.
-------------------------------------------
any good geek could make a crude version of this at home.
You would need.
-A small custom board... less than a buck at itead studios.
-A micro-controller that can handle USB and read/write a micro SD card.
-A small xtal oscillator part to send out the data bursts..use a board trace as antenna.
-Custom programming to handle the hidden section of the SD card and discern what data to store there (pdf’s jpg. etc)
-Stuff your populated board into a plastic shell from a popular thumb drive.
-Print up an envelope that looks like something sent from a commercial computer parts supplier or whatever and stick the custom thumb drive in as a promotional gift and mail to the target.
-— And you are now an amateur gov snoop. This is similar to how the Stuxnet virus was introduced to Iranian nuclear sites.
I built a custom thumb drive exactly as described above...it cost less than 20 dollars to construct. You can update the firmware in the Atmega32 processor by simply putting a .dat file on the visible 8gb and plugging into a USB port...the .dat file is erased after the update.
The same method is used to dump the contents of the hidden 8gb. The Atmega32 encrypts the data sent to the hidden section with a fast stream algorithm. The key is generated by a diode noise source. You have to brute-force decrypt the data... thus you have left no key in the firmware of the Atmega32.
I used a sm oscillator scrounged from an old motherboard as the rf oscillator to transmit data from the hidden SD card section... It worked well at about 1/4 mile between a friend’s house and my roof mounted broadband yagi.
I’m designing a custom thumb now that will allow me to place files on to the thumb remotely and not simply gather data using the oscillator on the thumb drive... 2way data.... easily done you see... it’s the same ability a cheap USB WiFi or bluetooth adapter has.
------------------
Using a drive like the one I built would enable you to place the virus/worm on the hidden 8gb flash section and then load it onto the visible section at any time...suddenly a perfectly safe thumb drive is no longer safe... once the deed is done then erase your tracks by deleting the files from the visible flash section.
The NSA will be watching you very closely now.