Threat Category: SD Card
ID: STA-42
Threat Description: If the configuration of the mobile device and computer allows, an attached SD card will automatically be mounted by a USB-connected computer as a mass storage device. If the SD card contains executable files designed to execute automatically (e.g. autoexec.bat), they will do so. A malicious mobile app can exploit this weakness by writing malicious executables to an attached SD card.
Threat Origin
Exploiting Smart-Phone USB Connectivity for Fun and Profit [1]
Exploit Examples
Exploiting Smart-Phone USB Connectivity for Fun and Profit [1]
CVE Examples
Not Applicable
Possible Countermeasures
Configure the computer to not automatically execute content stored on mounted USB devices.
Mobile Device User
Configure the mobile device to not automatically make attached SD media available to a USB-connected computer.
Remove any attached SD card from the mobile device prior to connecting to a computer.
Use an anti-malware app to scan the attached SD card for malicious files prior to connecting to a computer.
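The scan countermeasure above can be approximated on the computer side by auditing the root of a mounted card for auto-execute files before opening it. The following is an added example, not part of the original catalogue entry; treating autorun.inf (the Windows AutoRun control file) alongside the entry's autoexec.bat is an assumption, and the function names and sample card contents are constructed for illustration.

```python
import configparser
import tempfile
from pathlib import Path

# Root-level names a host may act on at mount time. autoexec.bat is the entry's
# own example; autorun.inf is the Windows AutoRun control file (assumption).
AUTO_NAMES = {"autoexec.bat", "autorun.inf"}
COMMAND_KEYS = ("open", "shellexecute")  # [autorun] keys holding a command line


def autorun_targets(inf_path):
    """Return the command lines an autorun.inf asks the host to launch."""
    parser = configparser.ConfigParser(strict=False, interpolation=None, allow_no_value=True)
    try:  # hostile files need not be valid text or valid INI
        parser.read_string(Path(inf_path).read_text(errors="replace"))
    except configparser.Error:
        return ["<unparsable autorun.inf>"]
    section = next((s for s in parser.sections() if s.lower() == "autorun"), None)
    if section is None:
        return []
    return [v.strip() for k, v in parser.items(section)
            if v and (k in COMMAND_KEYS or k.startswith("shell\\"))]


def scan_volume(root):
    """Return (file name, reason) findings for the root of a mounted card."""
    findings = []
    for entry in sorted(Path(root).iterdir()):
        if not entry.is_file() or entry.name.lower() not in AUTO_NAMES:
            continue
        findings.append((entry.name, "auto-execute file in volume root"))
        if entry.name.lower() == "autorun.inf":
            findings.extend((entry.name, f"launches: {cmd}") for cmd in autorun_targets(entry))
    return findings


def build_sample_card(root):
    """Constructed sample input: a fake card root holding placeholder files only."""
    root = Path(root)
    (root / "DCIM").mkdir()
    (root / "AUTORUN.INF").write_text("[AutoRun]\nopen=setup.exe /s\nicon=setup.exe\n")
    (root / "setup.exe").write_bytes(b"MZ")
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for name, reason in scan_volume(build_sample_card(tmp)):
            print(f"{name}: {reason}")
```

A finding means only that the card carries a file the host could act on at mount time; it does not classify the referenced executable as malicious.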
References
[1] Z. Wang and A. Stavrou, “Exploiting Smart-Phone USB Connectivity for Fun and Profit”, in Proceedings of 26th Annual Computer Security Applications Conference, 2010, pp. 357-365; https://dl.acm.org/doi/pdf/10.1145/1920261.1920314?casa_token=5XmsJ5lz06EAAAAA:HavUpmf81lNQ74ooinjWS1BZkQMkfhsbWJwFwa3UEieHGYKTCmv-TSwwaHRQhz-I4XFzdzkDHEOA [accessed 8/1/2022]