Posted by: David Harley | February 15, 2011

Booby-Trapped Library PCs

No hoax here: more of a Public Service Announcement.

A new Sophos story talks about public access PCs in two public libraries in the UK (specifically, in the Manchester area) found to be compromised  by hardware keyloggers. In other words, for an unknown period of time, when library customers used those PCs, every keystroke was monitored by persons unknown. (Think data theft, password stealing and so on…) 

Hopefully, you’re already cautious about the sort of transaction you carry out on computers you don’t own, and/or where you can’t vouch that the security is adequate, especially in public access contexts where there’s very little control over who has access. But it’s salutary to remember that entirely respectable organizations can overlook loopholes that threaten the privacy and safety of anyone who uses their services. And this sort of device is easy to get hold of: much less effort than stuff like ATM skimmers…

Note that according to the local press, another device disappeared from the Wilmslow library before it could be confiscated, so if you’ve been using a machine there, you might want to check the safety of your accounts (even stuff like webmail access).

More info:

David Harley CITP FBCS CISSP
Small Blue-Green World
ESET Senior Research Fellow

Advertisements

Responses

  1. […] This post was mentioned on Twitter by David Harley, ESET Research and David Harley, David Harley. David Harley said: Booby-Trapped Library PCs: http://wp.me/pOMVc-6L […]

  2. […] information at http://wp.me/pOMVc-6L, and a hat tip to Graham […]

  3. […] a follow-up on my previous blogs https://chainmailcheck.wordpress.com/2011/02/15/booby-trapped-library-pcs/ and  http://blog.eset.com/2011/02/24/keyloggers-in-the-library: more comment and information […]


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

%d bloggers like this: