Is it possible that some form of Arduino malware could be developed? Or maybe, a Windows virus could be spread via an Arduino board, through an uploaded sketch which triggers a (malicious) file to be copied over to a computer once a USB cable is plugged in, or maybe through some kind of removable media (e.g. a MicroSD card or USB stick).
Didn't Stuxnet spread like that, through USB sticks plugged into computers running Windows, then spread to PLCs (quite similar to an Arduino)?
Apparently, people are already doing this with Arduinos (although just experimentally). I saw a YouTube video on it.
What if lots of Arduino hobbyists started buying Arduino boards off of eBay which, unknown to them, contained a malicious sketch which spread malware to their computer AND other Arduino boards whenever they were connected, and then, their computer started spreading the sketch to other Arduino boards? It could spread to a good chunk of Arduino hobbyists. Glad I don't use Windows....
Things like USB sticks become carriers of viruses because companies like Microsoft are stupid enough to build in the ability for the PC to automatically execute an application or script from the stick by doing nothing more than plugging the stick into a USB port. No such capability exists for an Arduino. There is no software resident on a PC that will know or care that an Arduino is connected unless the user installs that software.
Would be an impressive achievement for the malicious actor.
They'd need markedly larger (in terms of memory and capability, not size) chips disguised as the Atmel chips, and some way to infect the computer from USB without tipping people off, though they could use USB flash drive exploits, by acting as a composite device - assuming they had some trick to hide that from view, else it'd get noticed fast. The exploit would have to use some bogus USB device.
It's technically possible, but would be very expensive (fake boards, custom chip with false markings, the software), and hard to keep hidden for long - a targeted attack would be more practical - but hard to justify (there are easier ways of compromising computers), unless you were the target of espionage of some sort. So, don't use Arduinos of unknown provenance to control the centrifuges in your clandestine nuclear program.
RayLivingston:
Things like USB sticks become carriers of viruses because companies like Microsoft are stupid enough to build in the ability for the PC to automatically execute an application or script from the stick by doing nothing more than plugging the stick into a USB port. No such capability exists for an Arduino. There is no software resident on a PC that will know or care that an Arduino is connected unless the user installs that software.
Regards,
Ray L.
What if the "life cycle" of the virus/malware went like this:
1. Malware writer writes a Windows virus.
2. Malware writer decides to spread Windows virus through Arduino boards.
3. Malware writer writes a sketch which spreads an exe file to a computer when it is plugged in (Arduino detects the computer, not the other way around).
4. Malware writer sells the Arduino boards on eBay at a very low price.
5. Victim(s) plug Arduino boards into their computers.
6. Arduino board detects computer and, using an exploit, bypasses any security mechanisms and somehow manages to upload the exe file to the computer (now that's a role reversal!).
7. Computer is infected with malware (keylogger, centrifuge disrupter, drive scrubber, etc.).
8. Whenever another (malware-free) Arduino board is connected to the computer, it spreads the malicious sketch to it. This allows the board to continue to infect other computers, which infect other boards, and the cycle continues.
9. The infected Arduino board can also directly infect other boards with the Windows malware spreader.
10. When a removable drive (e.g. USB drive, MicroSD card, etc.) is connected to either the Arduino board OR the computer, they will both spread the Windows malware.
v074:
6. Arduino board detects computer and, using an exploit, bypasses any security mechanisms and somehow manages to upload the exe file to the computer (now that's a role reversal!).
Use Linux, not Windows.
It amazes me that a company with the brain power of Microsoft has not dealt with viruses the same way that nature does - by having a few different versions of Windows so that there is not a single common platform on which viruses can feed. After all that is one of the reasons why in-breeding is a bad idea.
...R
I do use Linux. I use Ubuntu 15.04. Fast boot up (after the switch to systemd in 15.04), low system requirements (ideal for netbooks), EXCELLENT security (in a world of its own), pre-installed office suite (LibreOffice), all of your apps in one place (Ubuntu Software Centre) and a brilliant search function no matter what app you're in (dash).
Once you install Ubuntu, you never look back.
I call uninstalling Windows "uninstalling fascism".
This standalone programmer card I offer connects to other boards' ICSP port and loads user selected program from an SD card.
Programming another card via serial port requires the other card to have a bootloader installed. http://www.crossroadsfencing.com/BobuinoRev17/
As the Leonardo can emulate a keyboard/mouse could you get it to pump out the required keyboard key sequences to open a CLI, connect to and download a payload from your server that it then executes?
Or maybe just open notepad (assumes Windows), write an entire batch program, save it and execute it?
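The keyboard-emulation scenario asked about above depends on a board presenting a HID interface that the host accepts without question. As an added example (not part of the original thread or any poster's code), this check flags devices whose interface classes include HID unless they are on an approved list; the input is the list of `bInterfaceClass` values per device (on Linux these can be read from `/sys/bus/usb/devices/*/bInterfaceClass`), and the vendor/product IDs and the `audit` helper are constructed for illustration.

```python
# Added example: audit USB interface classes for unexpected HID interfaces.
# Class codes are the standard USB-IF values; all device entries are constructed.
HID, CDC_COMM, CDC_DATA, MASS_STORAGE = 0x03, 0x02, 0x0A, 0x08
CLASS_NAMES = {CDC_COMM: "CDC", CDC_DATA: "CDC-data", MASS_STORAGE: "mass-storage"}


def audit(devices, approved_hid=frozenset()):
    """Return (vid:pid, reason) for each device that deserves a second look.

    devices: iterable of dicts with 'vid', 'pid' and 'interfaces', where
    'interfaces' lists the bInterfaceClass of every interface descriptor.
    approved_hid: (vid, pid) pairs of keyboards and mice known to the owner.
    """
    findings = []
    for dev in devices:
        classes = set(dev["interfaces"])
        if HID not in classes or (dev["vid"], dev["pid"]) in approved_hid:
            continue  # no HID interface, or a known input device
        ident = f"{dev['vid']:04x}:{dev['pid']:04x}"
        others = sorted(CLASS_NAMES.get(c, hex(c)) for c in classes - {HID})
        if others:
            # A serial or storage device that also claims to be an input device.
            findings.append((ident, "composite: HID alongside " + ", ".join(others)))
        else:
            findings.append((ident, "HID device not on the approved list"))
    return findings


# Constructed inventory: IDs are placeholders, not real products.
SAMPLE = [
    {"vid": 0x1111, "pid": 0x0001, "interfaces": [HID]},                      # approved keyboard
    {"vid": 0x2222, "pid": 0x0002, "interfaces": [CDC_COMM, CDC_DATA]},       # serial-only board
    {"vid": 0x2222, "pid": 0x0003, "interfaces": [CDC_COMM, CDC_DATA, HID]},  # board that also presents HID
    {"vid": 0x3333, "pid": 0x0004, "interfaces": [HID]},                      # unknown input device
]
APPROVED = {(0x1111, 0x0001)}

if __name__ == "__main__":
    for ident, reason in audit(SAMPLE, APPROVED):
        print(ident, reason)
```

A board that legitimately uses the keyboard or mouse library will also be flagged, so the output is a prompt to confirm the sketch on that board, not a verdict.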
But the amount of people who actually use Arduino (or even KNOW what an Arduino is) is very small compared to the number of people who use Windows computers, without anything to do with Arduino.
Why would a malware writer do this, if he could spread his virus through some other system? Some other system that will affect A LOT more people than our small community of Arduino-nerds (I use "nerds" as a compliment here).
If I was a virus maker (which I'm not... hey who's at the door? The CIA? Really? Gotta get outta here!) I would target a lot more people than just Arduino people.
It's not a virus. No propagation; just a sketch that can brick your D21 so that you can't upload a new sketch.
(Maybe. Some SAMD21 have a "doubletap reset" feature for recovering from "similar" situations; I never got a response whether it works with this particular sketch.)