Security experts extract 75,000 ‘highly sensitive’ files from 100 USB drives sold on eBay that could be used by hackers to blackmail sellers who did not properly wipe the devices
- Experts bought 100 USB drives on eBay and extracted 75,000 files from them
- The devices held passwords, bank statements, internet history and more
- Researchers used publicly available tools to extract the document
Cybersecurity researchers recovered 75,000 ‘highly sensitive’ documents from USB devices auctioned off on eBay.
The University of Aberlay purchased 100 secondhand devices and all by 32 of them contained ‘deleted’ files that could be extracted using publicly available tools.
The files were collected using a USB Write Blocker, a forensic tool used to pull mass data from devices, and a standard computer.
Once the image files were collected, the team saw records included passwords, bank statements, health records and more – enough data for hackers to blackmail sellers.
Scroll down for video
Cybersecurity researchers recovered 75,000 ‘highly sensitive’ documents from USB devices auctioned off on eBay. The University of Aberlay purchased 100 secondhand devices and all by 32 of them contained ‘deleted’ files that could be extracted using publicly available tools
Professor Karen Renaud from Abertay’s Division of Cybersecurity, said: ‘This is extremely concerning, and the potential for this information to be misused with extremely serious consequences is enormous.
‘An unscrupulous buyer could feasibly use recovered files to access sellers’ accounts if the passwords are still valid, or even try the passwords on the person’s other accounts given that password re-use is so widespread.’
When the team first plugged the USB drives into the computer, it appeared that 98 of them were empty.
But once they attached them to the USB Writer Blocker, the documents immediately appeared – only 32 of the drives had been properly wiped.
The data, according to researchers, is enough ammunition for a hacker to launch an attack like draining a bank account or blackmail the device’s owner by threatening to reveal embarrassing information
Partial files were extracted from 26 devices and every single file was extracted from the remaining 42 USB drives.
‘Image Files titled ‘Passwords[1-10].jpg’; CVs, Personal statements, Employment contracts, Time sheets; Data relating to apprenticeship trainees; Invoice records; Divorce information, Bank statements, Health records, and saved web pages,’ the team shared in the study.
The data, according to researchers, is enough ammunition for a hacker to launch an attack like draining a bank account or blackmail the device’s owner by threatening to reveal embarrassing information.
Professor Renaud said that the sellers would not have been aware that they had left data on the drive: ‘A lot of people don’t realize it, but the way many computers delete files doesn’t actually remove them.
‘What happens is that the file is removed from the index so that they are effectively hidden from view.’
‘They’re still there though and if you know how, you can easily recover them using publicly available forensics tools.’
However, there is a method to properly erase files from devices.
On a PC, open the command prompt from the Start Menu and type ‘format e: /p:3,’ (if ‘e’ isn’t the letter for the flash drive, change that accordingly).
For Mac owners, On a Mac, open the Disk Utility app, select the drive, click ‘Erase,’ then click ‘Security Options’ and move the slider control to the third, ‘3-pass secure erase’ option.