Financial Forensic Report 2.8.2021 | Financial Forensic Services, LLC

Your USB Thumb Drives Can Be Used to Compromise Your Computer!

These days, it’s very common for people to share or exchange USB devices. People hand them out at conferences, give them away, and forget them in computers. They are inexpensive and convenient. But be careful; a new exploit has been identified that makes these non-threatening thumb drives capable of malicious actions!

Recently, a major flaw was discovered in the firmware of USB devices that affects all USB devices. Storage devices, keyboards, mice, cell phones, and any other device that has a USB connection can be affected by this flaw. The threat runs deeper than just the information stored on USB drives; it is a flaw in how USB devices work. An attacker can manipulate or re-code a USB device and 99% of the time, it is undetectable as the USB device functions at a layer below that of antivirus software and is automatically trusted by the computer that it is plugged into. An infected USB device can completely take over a computer, invisibly alter files, redirect internet traffic, or capture usernames and passwords. Unfortunately, currently there is no fix for this, and this vulnerability will likely remain for years to come since it is a flaw in the way USB devices are made.

The researchers that discovered this vulnerability recently released the code on the internet hoping to get expedited collaboration to fix this problem, but this also gave access of the code to “bad guys.”

As of right now, we are advising our clients to be EXTREMELY careful with USB devices.

NEVER buy a USB device that has been opened and returned. This includes anything that plugs into your computer with a USB cable.
NEVER plug in a USB device that you find lying around. If you didn’t remove it from the original package, DO NOT plug it into a computer.
If someone hands you a USB device, ask them where they got it. Did they get it new? Was it a gift? IF they are unsure, do not use the device.

What can you do to still use USB devices without worrying about this attack?

Buy some new USB devices and only use them. If you need information from someone else, give THEM a USB device that you know is not compromised. Ask them to put the data you need on it.
If someone needs to send you data, ask them to share the data with you through Dropbox or another sharing service, or ask them to burn the data to a CD.

We will continue to monitor this vulnerability and provide updates. As of now, we ask that you please be very careful with USB devices, and do not use USB devices from untrusted sources.

Thanks to Karl Epps for writing this article. As a computer forensic expert, he provides computer support services including computer claim consulting on computer issues and forensic technology services for more than 150 businesses. He is also an expert witness holding EnCE, CHFI, and CCFE certifications.

______________________________________________________________________________

______________________________________________________________________________

THE PROTOCOL FOR LIFE

One Sunday a plainly dressed, scholarly-looking man went to church in the Netherlands and took a seat near the pulpit. A few minutes later, a lady approached the pew. Seeing a stranger sitting in it, she curtly advised him that this was “her seat.” He graciously apologized, and moved to one of the pews in the back of the church reserved for the poor. There, he joined in the service and left afterword without further incident. When the service was over, one of the woman’s friends asked her if she knew who it was she had ordered out of her pew. “No,” the woman replied casually, “only some stranger, I suppose.” She was shocked to learn from her friend that the stranger was King Oscar of Sweden, who was in the country visiting their queen. There’s a lesson here for you. Whether you go to a big church or a small one, Jesus the head of the church, said, “Where two or three are gathered together in My Name, I am there in the midst of them.” That means, Jesus, the King of Kings, will be present. You must recognize His presence, worship Him, and make Him your central focus. Otherwise, you might as well join a social club or just stay home. The psalmist gives us the protocol: “Enter into His gates with thanksgiving, and into His courts with praise. Be thankful to Him, and bless His name. For the Lord is good; His mercy is everlasting, and His truth endured to all generations”

______________________________________________________________________________

Diagnostic & Prescriptive Judgment Enforcement
By: Joe H. Dickerson, CFE

$24.95 + FREE S&H

Please place your book orders by calling
303.974.5610
during normal business hours Mon-Fri 9am-5pm MT.
or email joe@financialforensicservices.comand make an appointment
for a FREE initial review of your judgment. Thank you!

_____________________________________________________________________________

Testimonial

“Joe is the most competent investigator I’ve ever found. He has rare ability to find hidden assets. Others claim it, Joe has it. He understands the Rules of Evidence, he knows how to talk to people to develop a fact pattern, and he has a sixth sense for fraud. Joe has unquestioned integrity and delivers value for his services.”

Andrew Quiat , Attorney

2014-11-11T18:12:51+00:00

Andrew Quiat , Attorney

https://www.financialforensicservices.com/testimonials/andrew-quiat%e2%80%a8-attorney/

“Joe Dickerson is the industry standard. You can measure the rest by what he does, and I say that without equivocation. Joe has incredible insight into the dark world of fraud. He understands the devious ways in which people perpetrate white-collar crime.”

Jan Schlichtman , Attorney at Law

2014-11-11T18:20:55+00:00

Jan Schlichtman , Attorney at Law

https://www.financialforensicservices.com/testimonials/jan-schlichtman%e2%80%a8-attorney-at-law/

“As an environmental law firm, we use Joe Dickerson to locate prior business owners and do corporate genealogies. He is persistent, that’s the key to a good investigator, and he has a knack for understanding how people move money and do business. That tells him what rocks to look under. Joe is vastly superior to other investigators in two ways: he lets you know what’s going on and he’s honest with you, because he tells you if there’s really anything there worth pursuing. He is unusually thorough and creative finding people. Joe has earned his fee every time.” “If the information is to be found, then I believe that they will find it. Their service enabled me to do a much better job for my client.”

Tim Gabelhouse , Attorney at Law

2014-11-11T18:20:41+00:00

Tim Gabelhouse , Attorney at Law

https://www.financialforensicservices.com/testimonials/tim-gabelhouse%e2%80%a8-attorney-at-law/

“Joe spends the time to understand the problem from the client’s perspective and from the legal perspective. He is intelligent, tenacious, willing to work as hard as it takes, thorough, well-informed, and just awfully good at what he does.”

Thomas E. Root,  Attorney

2014-11-11T18:20:05+00:00

Thomas E. Root,  Attorney

https://www.financialforensicservices.com/testimonials/thomas-e-root-%e2%80%a8attorney/

“Financial Forensic Services did an excellent job in the way they executed my case. They were very straightforward. They stated what they could do for us and they did it. And, from a personal standpoint, they are excellent. Both my wife and I felt very comfortable working with them.”

Michael Whalen,  Businessman

2014-11-11T18:21:13+00:00

Michael Whalen,  Businessman

https://www.financialforensicservices.com/testimonials/michael-whalen-%e2%80%a8businessman/

“When I was general counsel for First Interstate Bank, I used Joe Dickerson for locating assets, investigating behavior and asset discovery. He did excellent work and always got the information I needed without compromising the bank in any way. He’s more thorough and kept in better touch with me than other investigators. I’d give him a grade of 96 or 97 out of 100.”

Frank Brainerd, Retired Banker/Attorney

2014-11-11T18:20:20+00:00

Frank Brainerd, Retired Banker/Attorney

https://www.financialforensicservices.com/testimonials/frank-brainerd-retired%e2%80%a8bankerattorney/

” I was prepared to dismiss a federal case involving millions of dollars against a local individual who claimed to have no substantial assets. After your staff hit the records and delved into the transactions behind the transactions, you discovered the individual to actually be worth a few million dollars. We continued the case to conclusion. We were also very happy with the financial background examinations you conducted of the former directors of two failed national banks. The heart of any civil case is whether there is a pot at the end of the lawsuit. You were our lucky leprechaun in finding such pots.”

R. Michael Sentel , Former Section Chief Legal Division, FDIC

2014-11-11T18:13:08+00:00

R. Michael Sentel , Former Section Chief Legal Division, FDIC

https://www.financialforensicservices.com/testimonials/r-michael-sentel%e2%80%a8-former-section-chief-legal-division-fdic/

“They went overboard in providing excellent service. I was very pleased with what they provided for me as their end product. Financial Forensic Services really understands how a case needs to be put together in order to be presented to a jury. Their PowerPoint presentation tied everything together. It was thorough, it was concise, and it got the job done.”

Jim Thomas , Prosecuting Attorney

2014-11-11T18:21:32+00:00

Jim Thomas , Prosecuting Attorney

https://www.financialforensicservices.com/testimonials/jim-thomas%e2%80%a8-prosecuting-attorney/

As Seen In

Testimonial