
Topic: Could an Arduino virus ever be created? (Read 10347 times)

v074

Is it possible that some form of Arduino malware could be developed? Or maybe, a Windows virus could be spread via an Arduino board, through an uploaded sketch which triggers a (malicious) file to be copied over to a computer once a USB cable is plugged in, or maybe through some kind of removable media (e.g. a MicroSD card or USB stick).
Didn't Stuxnet spread like that, through USB sticks plugged into computers running Windows, then spread to PLCs (quite similar to an Arduino)?
Apparently, people are already doing this with Arduinos (although just experimentally). I saw a YouTube video on it.

Self-replicating Arduino sketch
Arduino sketch that can program other boards

What if lots of Arduino hobbyists started buying Arduino boards off of eBay which, unknown to them, contained a malicious sketch which spread malware to their computer AND other Arduino boards whenever they were connected, and then, their computer started spreading the sketch to other Arduino boards? It could spread to a good chunk of Arduino hobbyists. :smiley-eek-blue: Glad I don't use Windows.... :smiley-roll:

jremington

Of all the things there are to worry about, that one is way, way, WAY down on my list.

RayLivingston

Things like USB sticks become carriers of viruses because companies like Microsoft are stupid enough to build in the ability for the PC to automatically execute an application or script from the stick by doing nothing more than plugging the stick into a USB port. No such capability exists for an Arduino. There is no software resident on a PC that will know or care that an Arduino is connected unless the user installs that software.

Regards,
Ray L.

DrAzzy

Would be an impressive achievement for the malicious actor.

They'd need markedly larger (in terms of memory and capability, not size) chips disguised as the Atmel chips, and some way to infect the computer from USB without tipping people off, though they could use USB flash drive exploits, by acting as a composite device - assuming they had some trick to hide that from view, else it'd get noticed fast. The exploit would have to use some bogus USB device.

It's technically possible, but would be very expensive (fake boards, custom chip with false markings, the software), and hard to keep hidden for long - a targeted attack would be more practical - but hard to justify (there are easier ways of compromising computers), unless you were the target of espionage of some sort. So, don't use Arduinos of unknown provenance to control the centrifuges in your clandestine nuclear program.
ATTinyCore for x4/x5/x61/x7/x8/x41/1634/828/x313 megaTinyCore for the megaavr ATtinies - Board Manager:
http://drazzy.com/package_drazzy.com_index.json
ATtiny breakouts, mosfets, awesome prototyping board in my store http://tindie.com/stores/DrAzzy

AWOL

Who told you about my centrifuge programme?

v074

> Things like USB sticks become carriers of viruses because companies like Microsoft are stupid enough to build in the ability for the PC to automatically execute an application or script from the stick by doing nothing more than plugging the stick into a USB port. No such capability exists for an Arduino. There is no software resident on a PC that will know or care that an Arduino is connected unless the user installs that software.
>
> Regards,
> Ray L.

What if the "life cycle" of the virus/malware went like this:
1. Malware writer writes a Windows virus.
2. Malware writer decides to spread Windows virus through Arduino boards.
3. Malware writer writes a sketch which spreads an exe file to a computer when it is plugged in (Arduino detects the computer, not the other way around).
4. Malware writer sells the Arduino boards on eBay at a very low price.
5. Victim(s) plug Arduino boards into their computers.
6. Arduino board detects computer and, using an exploit, bypasses any security mechanisms and somehow manages to upload the exe file to the computer (now that's a role reversal!).
7. Computer is infected with malware (keylogger, centrifuge disrupter, drive scrubber, etc.).
8. Whenever another (malware-free) Arduino board is connected to the computer, it spreads the malicious sketch to it. This allows the board to continue to infect other computers, which infect other boards, and the cycle continues.
9. The infected Arduino board can also directly infect other boards with the Windows malware spreader.
10. When a removable drive (e.g. USB drive, MicroSD card, etc.) is connected to either the Arduino board OR the computer, they will both spread the Windows malware.

No Arduino autorun feature would be required.

-dev

#6
Jul 08, 2015, 06:37 pm Last Edit: Jul 08, 2015, 06:38 pm by /dev
Really, I used to be /dev.  :(

v074

> Who told you about my centrifuge programme?

The CIA. They know about you. It's over.  :smiley-eek:

Robin2

#8
Jul 08, 2015, 07:17 pm Last Edit: Jul 08, 2015, 07:17 pm by Robin2
> 6. Arduino board detects computer and, using an exploit, bypasses any security mechanisms and somehow manages to upload the exe file to the computer (now that's a role reversal!).

Use Linux, not Windows.

It amazes me that a company with the brain power of Microsoft has not dealt with viruses the same way that nature does - by having a few different versions of Windows so that there is not a single common platform on which viruses can feed. After all that is one of the reasons why in-breeding is a bad idea.

...R
Two or three hours spent thinking and reading documentation solves most programming problems.

v074

> Use Linux, not Windows.
>
> It amazes me that a company with the brain power of Microsoft has not dealt with viruses the same way that nature does - by having a few different versions of Windows so that there is not a single common platform on which viruses can feed. After all that is one of the reasons why in-breeding is a bad idea.
>
> ...R

I do use Linux. I use Ubuntu 15.04. Fast boot up (after the switch to systemd in 15.04), low system requirements (ideal for netbooks), EXCELLENT security (in a world of its own), pre-installed office suite (LibreOffice), all of your apps in one place (Ubuntu Software Centre) and a brilliant search function no matter what app you're in (dash).
Once you install Ubuntu, you never look back.
I call uninstalling Windows "uninstalling fascism".  :D

Coding Badly


CrossRoads

"Arduino sketch that can program other boards"

This standalone programmer card I offer connects to other boards' ICSP port and loads a user-selected program from an SD card.
Programming another card via serial port requires the other card to have a bootloader installed.
http://www.crossroadsfencing.com/BobuinoRev17/
Designing & building electrical circuits for over 25 years.  Screw Shield for Mega/Due/Uno,  Bobuino with ATMega1284P, & other '328P & '1284P creations & offerings at  my website.

Isaac96

You could theoretically have a small .bat file on the 16u2. You could replace it with a 32u2 for more flash.
Do not PM me for help. I will delete immediately.
CONNECT THE GROUNDS!

After Tuesday, even the calendar goes W T F

Riva

As the Leonardo can emulate a keyboard/mouse, could you get it to pump out the required keyboard key sequences to open a CLI, connect to and download a payload from your server that it then executes?
Or maybe just open notepad (assumes Windows), write an entire batch program, save it and execute it?
Don't PM me for help as I will ignore it.
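
The composite-device scenario and the keyboard-emulation idea raised in this thread both require the board to enumerate an extra USB interface, and the host can see that. An added example (not code from any poster here) that parses a raw USB configuration descriptor and flags interfaces other than CDC serial; the sample descriptors and the "serial only" expectation are constructed assumptions.

```python
import struct

# USB-IF interface class codes relevant to this check.
CLASS_NAMES = {0x02: "CDC control", 0x03: "HID", 0x08: "mass storage", 0x0A: "CDC data"}
# Assumption: a board used only over its serial port should expose CDC interfaces only.
EXPECTED = {0x02, 0x0A}

def interfaces(config: bytes):
    """Return (number, class, subclass, protocol) for each interface in a raw config descriptor."""
    if len(config) < 9 or config[1] != 0x02:
        raise ValueError("not a configuration descriptor")
    total = struct.unpack_from("<H", config, 2)[0]  # wTotalLength
    if total > len(config):
        raise ValueError("truncated descriptor")
    found, pos = [], 0
    while pos + 2 <= total:
        length, dtype = config[pos], config[pos + 1]
        if length < 2 or pos + length > total:
            raise ValueError(f"bad bLength at offset {pos}")
        # Interface descriptor (type 4); count each interface once via alternate setting 0.
        if dtype == 0x04 and length >= 9 and config[pos + 3] == 0:
            found.append((config[pos + 2], config[pos + 5], config[pos + 6], config[pos + 7]))
        pos += length  # endpoint and class-specific descriptors are skipped by length
    return found

def unexpected(config: bytes):
    """List (interface number, label) for every interface outside EXPECTED."""
    flagged = []
    for num, cls, sub, proto in interfaces(config):
        if cls in EXPECTED:
            continue
        label = CLASS_NAMES.get(cls, f"class 0x{cls:02x}")
        if cls == 0x03 and sub == 1 and proto == 1:
            label += " (boot keyboard)"
        flagged.append((num, label))
    return flagged

def _sample(*ifaces):
    """Build a constructed descriptor: one interrupt endpoint per interface."""
    body = b"".join(bytes([9, 4, n, 0, 1, c, s, p, 0]) + bytes([7, 5, 0x81 + n, 3, 8, 0, 10])
                    for n, (c, s, p) in enumerate(ifaces))
    return bytes([9, 2]) + struct.pack("<H", 9 + len(body)) + bytes([len(ifaces), 1, 0, 0x80, 50]) + body

SERIAL_ONLY = _sample((0x02, 2, 1), (0x0A, 0, 0))                    # constructed
SERIAL_PLUS_HID = _sample((0x02, 2, 1), (0x0A, 0, 0), (0x03, 1, 1))  # constructed

if __name__ == "__main__":
    for name, cfg in (("serial only", SERIAL_ONLY), ("serial + HID", SERIAL_PLUS_HID)):
        print(name, "->", unexpected(cfg) or "nothing unexpected")
```

On Linux the raw bytes for a connected device are in its sysfs `descriptors` file, after the 18-byte device descriptor. Boards such as the Leonardo legitimately expose HID, so adjust `EXPECTED` to what the board is supposed to be.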

pYro_65

Forum Mod anyone?
https://arduino.land/Moduino/
