1 / 7

Phishing with Consumer Electronics : Malicious Home Routers

Phishing with Consumer Electronics : Malicious Home Routers. Alex Tsow atsow@cs.indiana.edu. Generalized Phishing. Broadcasting + Spoofing Spam + Spoofed webhost Online Marketplace + Spoofed Electronics Communications devices are mutable embedded systems Network routers Cell Phones

jsteiner
Download Presentation

Phishing with Consumer Electronics : Malicious Home Routers

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Phishing with Consumer Electronics : Malicious Home Routers Alex Tsow atsow@cs.indiana.edu

  2. Generalized Phishing • Broadcasting + Spoofing • Spam + Spoofed webhost • Online Marketplace + Spoofed Electronics • Communications devices are mutable embedded systems • Network routers • Cell Phones • Computer motherboards

  3. The Online Marketplace • Available to millions without spamming • Confers feeling of control to buyer • Unverified identities and products, caveat emptor • Seller chooses own jurisdiction • Trust cultivated by reputation system • Measures mostly transactional satisfaction

  4. Sustainability: Volume • Expensive startup costs • $45 to $120 per router • 131 of 145 “Linksys 802.11g routers” sold in a week • Estimate selling 15 per week • Estimate 3 victims per router • 45 victims per week is roughly 1% of all victims attributed to phishing in US.

  5. Sustainability: Benefits • $6,383 average identity fraud in 2006 • $2100 misuse of existing account • $10,200 new account & other fraud • 45 x 52 x $6,383 = $14,936,220 • 45 x 52 x $2,100 = $4,914,000 • Total distribution overhead • $34,000 to $81,000

  6. Conclusion • Malicious embedded software is not just a theory • Must be able to trust your hardware vendor • At $5-$20 million a year, someone will do this, or is already doing it

More Related