Kamkar has been working on the new project for some time, looking for a way to install the backdoor without needing to use the mouse and keyboard. The solution he came up with is elegant, fast and effective. By using code that can emulate the keyboard and the mouse and evade the security protections such as local firewalls, Kamkar found a method to install his backdoor in just a couple of seconds and keep it hidden on the machine. He loaded the code onto an inexpensive Teensy USB microcontroller.
Kamkar’s USBdriveby attack can be executed in a matter of seconds and would be quite difficult for a typical user to detect once it’s executed. In a demo video, Kamkar runs the attack on OS X, but he said the code, which he’s released on GitHub, can be modified easily to run on Windows or Linux machine. The attack inserts a backdoor on the target machine and also overwrites the DNS settings so that the attacker can then spoof various destinations, such as Facebook or an online banking site, and collect usernames and passwords. The backdoor also goes into the cron queue, so that it runs at specified intervals."