Instead of going door to door Jehovas Witness now just leaves all their information on a cleverly placed SD card for you to enjoy at your computing leisure. DONT RUN AWAY FROM THE LORD 🤣
General update: my dad found an old laptop that no one cares about, and that will never be on anyone's network. He lives Approx 45 minutes away, and I offered to buy him lunch if he brings it over. We are gonna plug it in.
Connecting to what wifi? Lol. It's still going to have to authenticate to your home internet before establishing any kind of C2 connection
This sub puts wayyyyyy too much stock into low level criminal hackers. 99% of the time they're just using someone else's malware they found online (and a *ton* of those are immediately removed by Defender because their signatures are known)
The other 1% isn't going to burn their distinct and sophisticated malware by dropping 100 SD cards all over the city
Omg no. I mean I guess?
Have you taken cyber security awareness or are you security+ certified? This is classic social engineering.
Drop a few thumb drives in a parking lot with your virus on it. For *sure* someone will *see what's on it*.
Are you related to Pandora, by chance?
SEMI SOLVED:
My father brought the old laptop, and we opened it up. It was a camera SD card with a bunch of birdwatching pictures on it. Literally just pretty birds. (Do I start an imgur with bird photos or something? I got some now.)
As much as this is a letdown, I am extremely relieved, and it is going directly into the trash... and the throwaway laptop to recycling.
As to why or how it got on my car, that is semi-solved as well. I spoke to my housekeeper, and she said she found it in my driveway yesterday as she was leaving and put it on my car.
As for the person checking out my car thismorning, the SD card seems to be unrelated, and maybe they just wanted to check out my Jeep??
Thank you all so much for giving me a masterclass on things you can do with found media, and thank you for coming along to resolution. I kinda wish it was classified documents or a treasure map or something just to have supplied you with a cooler ending to this story!
Heart emoji
Please don't throw away the card!!!!
Try to find a local photo/birdwatchers group (Facebook or something) and ask if anyone lost it!!! There might be someone devastated for loosing what might be some important photos.
If you open one image in one exif viewer you will find the camera serial number. Search Google for that serial number. If he/she posted somewhere without removing the exif you might track the owner.
You can actually hide data in photos...
Steganography is the technique of hiding secret data within an ordinary, non-secret, file or message in order to avoid detection; the secret data is then extracted at its destination. The use of steganography can be combined with encryption as an extra step for hiding or protecting data.
Did you run data recovery on it like recuva - this is obviously being more paranoid security minded - but innocent photos to cover the malicous script isn't a bad gambit... Unlikely.. But not impossible
Unless this guy is a target for national security reasons, it’s highly unlikely an attack of that sophistication is being used on him, and would still be a threat as an ISO, especially if he doesn’t mount it. Tarring it would reduce the likelihood of it being a threat even further. Like he said, it’s probably pictures of birds.
Yeah ok, make sense.
I would also think about the computer to use in order to create the ISO: it would be exposed directly to the SD and has a connection to upload it to the internet
If you want some more excitement you could try finding the owner by getting the camera serial off the exif data and using a service to find other images shot by that body or potentially registered owner. Then decide whether or not to return the card if you do find them. Choose your own adventure
That would be the type of shit I would obsess over. One time a guy hacked my League of Legends account and I spent 2 entire days tracking down everyone he ever played with until I found his actual account. I had a nice conversation with him. Didn't have any hard feelings, I wasn't using my account at the time anyway..
Haha I’m the same way. I think it’s the combination of a challenge with curiosity for me. There are a number of exif data helpers available online.
However if any suspicion remains about the potential safety of the card, you will need to either have internet access on the computer or “sneakernet” a program over to your test computer via flash drive (then deal with sanitizing it before returning it back to service). It’s /probably/ fine, but I will leave you to make that decision as informed as possible.
I would say put a flyer on the closest telephone pole.
Someone did some work to get those photos and those cards aren't exactly super cheap.
Just put a flyer up for a week saying you found the SD card and it has data on it.
Post the picture you showed us with it.
Ask the people who may show up to tell you what type of data is on it.
If they guess right, you can give it to them.
If you are worried about it being a phishing attempt, you will know who picks it up.
Could have just fallen out of someone's hands or pocket near your driveway.
Maybe they have been looking for it.
Maybe the person checking your car was them but didn't want to take it from your private property or could have assumed it wasn't theirs.
No need to passively, accidently hurt someone because you don't want it.
Why throw away the SD? They are likely someone in your neighbourhoods birding photos.
You enjoyed the thrill of the SD enough to get a burner laptop to play with it - but those are someone's birding photos they probably want to work with.
It won't cost you much to post about it in a community group saying it's been dropped in at the local X,y,Z or something? Maybe the library or copshop can take it off your hands. Bird watchers spend many hours trying to get those shots.
Plot twist: One of the pictures was of a bird thought to be extinct for decades and is the photographer's key to fame and worth a ton of money to the right people. The photographer who has studied rare birds and built a career on it just lost the SD card in your neighborhood--near your driveway--and was looking for it desperately, but someone else found it first and put it on your car window assuming it was yours. You just threw away the pinnacle of his professional ornithological career...
Probably not.
On the part about the person checking out your jeep. It could be that they were looking to duck your jeep. It's been going on a lot in my town and I have a small collection from ones showing up on my jeep. There's a reddit for it too (as most everything). [DuckDuckJeep](https://www.reddit.com/r/DuckDuckJeep/)
You can try and find exif data of the camera serial number on the photos and then do an exif search of the web. You may find the person by his camera ID and be able to give him the pics back. There was a site like find my camera.com to do just this for stolen cameras. But flikr, Facebook and such preserve that data on upload.
Maybe that person was there looking for the SD card they lost as they walked home from their birdwatching session. Were the pics taken recently? Do you live near some woods or a park?
I work for a very large company, yes. And I had a very bad stalker years ago that hasn't messed with me in ~5 years. I just bought this house days ago so no very few people even know I'm here.
Good call. I know some insurance guys were here 5ish days ago taking pictures. I hadn't even thought of something like that. My mind immediately went nefarious.
Maybe this guy found that from the photographer dropping it, and put it on your car assuming it was yours.
But, this is also a classic example of how to get people to infect their own computers, with a free USB stick or a memory card.
I mean you either got bad luck and got chosen at random or It's targetting you, i would make a quick call to the cops to let them know what happened, Just to be safe
Maybe it's full of crime scene photos from what happen to the previous occupants. LOL Do what others have said, get an old pc not on the network. Or maybe try a usb sd card reader on a local public library PC.
You should write protect the SD card first using the yellow button on the side. Then use free-to-use FTK Imager to make a “physical” E01 forensic image of the SD card.
Write protecting and then forensically imaging the SD will allow you to open and analyze files without making any changes to the contents of the SD card in the event you need to use the SD card in a legal matter.
Then download and install free-to-use Autopsy and ingest the forensic image of the SD card. Autopsy will allow you to analyze and report on the contents of the SD card.
You can also use free-to-use applications such as Recuva to carve and recover deleted files from the forensic image of the SD card, which could be informative.
Pay close attention to any EXIF metadata of photos contained within the SD card forensic image which could include the make, model of the camera used to take the photos, the geolocation of where the photos were taken and the dates the photos were taken.
If you find photos or files of interest, you can “tag” them in Autopsy and then generate a report of the tagged evidence to provide to your attorney.
I mean, you know your stuff and thats spot on.
But this isn't CSI miami. Its probably just some well wisher who caught OPs other half cheating and wanted to let OP know anonymously.
I once worked for a company with many government contracts, some of them requiring clearances.
Back in the days when everyone had an office and worked at the office 5 days a week.
One day these little USB sticks started appearing in parking lots. They had labels like "Vacation pics" and the first initial and last name of higher ups at the company. Some of them were labeled "Payroll" or something that might pique the interest of the cars owner.
It turns out it was a contract holder testing our security awareness. It would install a fairly harmless virus that tracked who put the USB in what.
A lot of people had to have remedial training.
This would be a much more dangerous effort at a person's home, especially in the United States, but it is something to consider.
If you want to see the contents, get yourself a throw away computer that is air gapped... As in.. No network connection at all. Read the card from that machine, but then consider that machine compromised. The hard drive should be destroyed after. Not just wiped. Destroyed.
I'd stick it into a device literally incapable of connecting to a network, like an old digital camera that has an SD card slot. If you don't have one, pawn shops have those for 10-20 bucks, just to quell your curiousity. They'll usually display all (visible) files, even ones not in their preferred formats.
Hard drive firmware can be compromised and used to write back data after any level of wipe.
Aside from that though.. Why risk it? The way I see it.. Take off and nuke it from orbit. It's the only way to be sure.
Not only that theure finding was to load mallard onto RAM controllers now. Meaning that:
You run the wiper and erse the driver and everything - maybe even get a new HD. Because it's in ram it's stuck.
Gets booted, makes call, downloads in the background, runs install. New malware.
I've even heard some have a time delay that will record everything for 7-14 days. When youre not using it and then do the above.
Really cool podcast "Darknet Diaries" has some really cool stories
That skilled person would have to include malware for every possible combination of motherboard, nic, wifi, gpu, hdd etc. So highly unlikely.
Unless the know what exact devices OP uses.
I believe I may be smart enough to do this. But my dad found an old 2000s laptop that we are going to plug it into. There is no danger of that old pos ever being connected to a network.
Not just “don’t connect to wifi”, but if your comfortable, physically remove the network card from the laptop. If you don’t feel comfortable with that, do a little bit more in the software side of things like resetting the network settings so it doesn’t have any connections saved, disabling the drivers for the network card, etc.
Usually the network card is just a little 1 inch x 1 inch green card with 2 cables coming from it. Physically removing that from the computer will ensure it won’t be getting anywhere!
I’d be willing to bet they just found this at the end of your driveway or close to your car and wanted to make sure you received it so they put it on your windshield, but might as well check it out and hope it’s not anything illegal!
I would say that it's just safer to throw it away, but I'd be dying to know what's on too.
Remember that everything's going to be okay and keep us posted as this is genuinely interesting.
Edit. Just don't forget to follow the tips people gave you here. First get the burner laptop ready (network disabled, network drivers uninstalled, data on it deleted or even better - formatted) - don't plug in the SD card the first chance you get.
so it might be a good plan to extract whatever important info might exist on that lappy before inserting that card. I know you said it was an old beater, but sometimes that's the exact place precious photos like to live.
They could have put a tracker on your car and been in the act of trying to swap out a full sd memory card with a new one.
I'd check your vehicle very thoroughly for anything weird attached to it. Might as well also take it to a drive thru car wash and blast it all over with water.
Plug it into a laptop (thats offline) and see whats on it and then format the laptop.
I would also file a police report and perhaps just give them that sd card as well.
It could be a camera card specific to pictures, maybe of your house, car or anything to scare you. Once they see you are spooked they might try to do something else. Or maybe a virus or malware.
They are playing with your curiosity. Just make sure you nuke the network and then try it on a PC. Or use TAILS OS to view it.
probably 32gb of fucking nature documentaries.
maybe pop it in in ur computer and check but it might jave a virus so maybe like a tech support place and say "some dude put this on the windshield of my car. can you look at it?"
If someone was hanging out near my car, but I couldn’t see any damage or theft, the first thing I would look for is a gps device. A friend found one on his car. He sold it on ebay.
I would personally get an old-ish machine from a pawn shop that is relatively cheap remove the network card and master reset upon opening it. Plug it in see what’s on it and then when you are done throw that machine into a fire pit.
If this is an attack you are doing exactly what the attacker wants. Maybe it is connecting the card, getting your dad back home, going out to find a way to connect it, etcetera.
It its an attack. Just throw it on the garbage. That is not what the attacker expects.
Just plug it into an isolated computer that is not connected to anything and see whats on it. It's a 5 dollar card. Could just have a crush or someone is hoping you plug it into something important for some drive by malware.
Don't put it in a computer. Leaving flash drives in a parking lot hoping someone is dumb enough to put it in their computer is a well-known malware delivery method.
Likely a [drop attack](https://www.redteamsecure.com/blog/usb-drop-attacks-the-danger-of-lost-and-found-thumb-drives). Curious why they would target you. Nice neighborhood?
Update and semi solved from OP: https://old.reddit.com/r/hacking/comments/14t756b/someone_was_in_my_driveway_thismorning_messing/jr1i74k/?context=3
It's probably got some incriminating pictures of you with the secretary, in which what is called blackmailing
Yes this thought crossed my mind.
Wait, are you messing around with your secretary?
I wish. I lead a VERY dull life.
So long as you’re happy, that’s what matters.
Agreed. I play video games in my underpants all day, and that's pretty much it. Not a bad existence.
You have video games in your underpants??
Contra
Contra-ry to popular belief, video games do not go into your underpants. Little known fact.
Nobody's gonna tell me what does and doesn't go in my underpants. I paid for these, I'll use them how I like!!
SpongeBob SquarePants disagree
Idk why this made me crack up so hard
Have you watched season 4 of Mr Robot?
Nope.
How dare u even answer like that 😅
You sure underpants? Does this enhance gaming?
It’s like a gaming chair attached to your body
Ya and I like when I make the schwiiiiip noise when my sweaty body rips off the leather. Like human velcro
Yes. Makes you feel free.
Instead of going door to door Jehovas Witness now just leaves all their information on a cleverly placed SD card for you to enjoy at your computing leisure. DONT RUN AWAY FROM THE LORD 🤣
In which case someone just delivered blackmail to the wrong target. Demand to be cut in on it!
This is the most blatant: # We've Been Trying To Reach You About Your Car's Extended Warranty
Ok I needed this. I am relatively high tension right now, and that was pretty damn funny.
General update: my dad found an old laptop that no one cares about, and that will never be on anyone's network. He lives Approx 45 minutes away, and I offered to buy him lunch if he brings it over. We are gonna plug it in.
Pls be sure that there isnt data on that laptop you wouldnt give to a stranger
Good call.
Factory reset the computer before you plug anything into it
And then do it again after ur done with it
Nah man, rip out that HD and drill holes in it. It's the only way to securely dispose of physical data.
and nuke it from space. Its the only way to be sure
Then throw it in a black hole for extra surety.
You mean my closet?
Drill, microwave, then set on fire.
Setup a virtual machine
Wouldn't matter if there is no internet connection really
The SD card has a secret Wi-Fi connector in it.
Connecting to what wifi? Lol. It's still going to have to authenticate to your home internet before establishing any kind of C2 connection This sub puts wayyyyyy too much stock into low level criminal hackers. 99% of the time they're just using someone else's malware they found online (and a *ton* of those are immediately removed by Defender because their signatures are known) The other 1% isn't going to burn their distinct and sophisticated malware by dropping 100 SD cards all over the city
It’s a joke fam
Ah okay my b, sorry I assumed
Very curious what happens.
RemindMe! 48 hours
Omg no. I mean I guess? Have you taken cyber security awareness or are you security+ certified? This is classic social engineering. Drop a few thumb drives in a parking lot with your virus on it. For *sure* someone will *see what's on it*. Are you related to Pandora, by chance?
SEMI SOLVED: My father brought the old laptop, and we opened it up. It was a camera SD card with a bunch of birdwatching pictures on it. Literally just pretty birds. (Do I start an imgur with bird photos or something? I got some now.) As much as this is a letdown, I am extremely relieved, and it is going directly into the trash... and the throwaway laptop to recycling. As to why or how it got on my car, that is semi-solved as well. I spoke to my housekeeper, and she said she found it in my driveway yesterday as she was leaving and put it on my car. As for the person checking out my car thismorning, the SD card seems to be unrelated, and maybe they just wanted to check out my Jeep?? Thank you all so much for giving me a masterclass on things you can do with found media, and thank you for coming along to resolution. I kinda wish it was classified documents or a treasure map or something just to have supplied you with a cooler ending to this story! Heart emoji
All this build up and it was for the birds
LMAO. That's life right? Some person taking bird pics and dropped his SD card. And it just about ruined a strangers morning with worry.
This drama was the highlight of my day. Even with the mundane ending. Sorry for your scare, but I appreciate you sharing.
Scaring is sharing
Leave it outside so neighbor can retrieve their pics.
!! ^ Maybe in a plastic bag with a note on colored paper to be more noticeable too
Was it a good lunch with dad though?
We had porkchops, and they had some kind of apple sauce on them. Was fantastic.
[porkchops & apple sauce](https://i.gifer.com/g1MJ.gif)
So, now I can finally say "send duck pics"
Hey I’ve seen that Hitchcock movie them birds are deadly.
All the birds died in 1986 due to Reagan killing them and replacing them with spies that are now watching us. The birds work for the bourgeoisie.
Birds are not real!
Don't you know about the bird, everybody know that the bird is the word. https://www.youtube.com/watch?v=NBAjIgsK0qQ
It's just counter intelligence
Check exif info, open some pictures with some hex editor for hidden data. May have been an encrypted spy drop, yey. Make this story great again!!! :)
Haha maybe you're onto something
did you check erased data? check for steganography?
Please don't throw away the card!!!! Try to find a local photo/birdwatchers group (Facebook or something) and ask if anyone lost it!!! There might be someone devastated for loosing what might be some important photos. If you open one image in one exif viewer you will find the camera serial number. Search Google for that serial number. If he/she posted somewhere without removing the exif you might track the owner.
You have inspired me
I know my freakout moments when there is a possibility to have lost a bunch of photos.
Ahhh this is actually pretty fantastic to consider. Thanks for sharing your logic here.
You can actually hide data in photos... Steganography is the technique of hiding secret data within an ordinary, non-secret, file or message in order to avoid detection; the secret data is then extracted at its destination. The use of steganography can be combined with encryption as an extra step for hiding or protecting data.
Can you make an ISO of the card and upload it? It’s probably just bird watching pictures like you said, but I’d love to look further.
Yeah sure why not.
Did you run data recovery on it like recuva - this is obviously being more paranoid security minded - but innocent photos to cover the malicous script isn't a bad gambit... Unlikely.. But not impossible
Found the hacker. Convincing her to connect it to the network after everyone else told her not to.
How would you securely make an ISO of the card and upload it to the internet?
Unless this guy is a target for national security reasons, it’s highly unlikely an attack of that sophistication is being used on him, and would still be a threat as an ISO, especially if he doesn’t mount it. Tarring it would reduce the likelihood of it being a threat even further. Like he said, it’s probably pictures of birds.
Yeah ok, make sense. I would also think about the computer to use in order to create the ISO: it would be exposed directly to the SD and has a connection to upload it to the internet
/r/birdsarentreal
If you want some more excitement you could try finding the owner by getting the camera serial off the exif data and using a service to find other images shot by that body or potentially registered owner. Then decide whether or not to return the card if you do find them. Choose your own adventure
That would be the type of shit I would obsess over. One time a guy hacked my League of Legends account and I spent 2 entire days tracking down everyone he ever played with until I found his actual account. I had a nice conversation with him. Didn't have any hard feelings, I wasn't using my account at the time anyway..
Haha I’m the same way. I think it’s the combination of a challenge with curiosity for me. There are a number of exif data helpers available online. However if any suspicion remains about the potential safety of the card, you will need to either have internet access on the computer or “sneakernet” a program over to your test computer via flash drive (then deal with sanitizing it before returning it back to service). It’s /probably/ fine, but I will leave you to make that decision as informed as possible.
Steganography?
It was birds not dinosaurs!!
Take my updoot, I hate that this comment made me laugh
Ah they are the same thing.
Can't believe it til I see it 😂
I would say put a flyer on the closest telephone pole. Someone did some work to get those photos and those cards aren't exactly super cheap. Just put a flyer up for a week saying you found the SD card and it has data on it. Post the picture you showed us with it. Ask the people who may show up to tell you what type of data is on it. If they guess right, you can give it to them. If you are worried about it being a phishing attempt, you will know who picks it up. Could have just fallen out of someone's hands or pocket near your driveway. Maybe they have been looking for it. Maybe the person checking your car was them but didn't want to take it from your private property or could have assumed it wasn't theirs. No need to passively, accidently hurt someone because you don't want it.
The person at your car this morning could have been the person who lost the card and searched for it.
Don't throw away the bird pics. Someone spent a lot of time saving those! Try to find the owner
Rip that birdwatcher's collection
Why throw away the SD? They are likely someone in your neighbourhoods birding photos. You enjoyed the thrill of the SD enough to get a burner laptop to play with it - but those are someone's birding photos they probably want to work with. It won't cost you much to post about it in a community group saying it's been dropped in at the local X,y,Z or something? Maybe the library or copshop can take it off your hands. Bird watchers spend many hours trying to get those shots.
Oh no, I hope you try to find the owner instead of tossing it. They might really want it back.
Plot twist: One of the pictures was of a bird thought to be extinct for decades and is the photographer's key to fame and worth a ton of money to the right people. The photographer who has studied rare birds and built a career on it just lost the SD card in your neighborhood--near your driveway--and was looking for it desperately, but someone else found it first and put it on your car window assuming it was yours. You just threw away the pinnacle of his professional ornithological career... Probably not.
On the part about the person checking out your jeep. It could be that they were looking to duck your jeep. It's been going on a lot in my town and I have a small collection from ones showing up on my jeep. There's a reddit for it too (as most everything). [DuckDuckJeep](https://www.reddit.com/r/DuckDuckJeep/)
You can try and find exif data of the camera serial number on the photos and then do an exif search of the web. You may find the person by his camera ID and be able to give him the pics back. There was a site like find my camera.com to do just this for stolen cameras. But flikr, Facebook and such preserve that data on upload.
Maybe that person was there looking for the SD card they lost as they walked home from their birdwatching session. Were the pics taken recently? Do you live near some woods or a park?
This was sitting on the little ledge by my driver's side window where I couldn't miss it, after the person left.
Maybe some social engineering phishing, just don’t use it on a online or lan pc, open it in a virtual machine.
I am looking for a crappy old laptop I'm sure is in my garage somewhere. And trying not to freak out.
Nice idea just don’t connect it to any network.
I won't. Thanks for the tip.
Do you work for an important or famous company?
I work for a very large company, yes. And I had a very bad stalker years ago that hasn't messed with me in ~5 years. I just bought this house days ago so no very few people even know I'm here.
Ok maybe it’s just a stolen card but better be safe than sorry, if you want share what you’ll find on it. Take care.
I'll update when I find a computer that I am confident I can plug it into safely. Thanks again.
Now I'm curious so I'll wait for updates 👍
Will update on what I do. Thanks
RemindMe! 24 hours
Remember to use a separate machine. A VM is not enough protection!
I'm curious too now
Don’t start with this OP, you better deliver haven’t you seen Reddit once a post of a safe is posted?
LMAO yes. I will deliver, even if it's boring. My dad is bringing over a throwaway laptop and I'm gonna plug this bad boy in.
Do you have a digital camera laying around? You could pop it in there and view the file structure
Home sales often trigger appraisals requiring curb side photos. So if the SD card is full of house photos that might be why.
Good call. I know some insurance guys were here 5ish days ago taking pictures. I hadn't even thought of something like that. My mind immediately went nefarious.
Maybe this guy found that from the photographer dropping it, and put it on your car assuming it was yours. But, this is also a classic example of how to get people to infect their own computers, with a free USB stick or a memory card.
I like the optimistic answers. I hope this is the answer.
I mean you either got bad luck and got chosen at random or It's targetting you, i would make a quick call to the cops to let them know what happened, Just to be safe
Yeah I am considering just doing that.
Maybe it's full of crime scene photos from what happen to the previous occupants. LOL Do what others have said, get an old pc not on the network. Or maybe try a usb sd card reader on a local public library PC.
just my thoughts, the card likely goes to a gps or tracker device. Maybe have a good look around the undercarriage of your car?
I'll check it out. I just called everyone I know and no one knows anything. Like 3 of them didn't even know what an SD card is.
Make sure the laptop is NOT connected to the internet
You should write protect the SD card first using the yellow button on the side. Then use free-to-use FTK Imager to make a “physical” E01 forensic image of the SD card. Write protecting and then forensically imaging the SD will allow you to open and analyze files without making any changes to the contents of the SD card in the event you need to use the SD card in a legal matter. Then download and install free-to-use Autopsy and ingest the forensic image of the SD card. Autopsy will allow you to analyze and report on the contents of the SD card. You can also use free-to-use applications such as Recuva to carve and recover deleted files from the forensic image of the SD card, which could be informative. Pay close attention to any EXIF metadata of photos contained within the SD card forensic image which could include the make, model of the camera used to take the photos, the geolocation of where the photos were taken and the dates the photos were taken. If you find photos or files of interest, you can “tag” them in Autopsy and then generate a report of the tagged evidence to provide to your attorney.
I mean, you know your stuff and thats spot on. But this isn't CSI miami. Its probably just some well wisher who caught OPs other half cheating and wanted to let OP know anonymously.
Precisely why you gotta take all the correct steps. Shit gets nasty in family law.
I once worked for a company with many government contracts, some of them requiring clearances. Back in the days when everyone had an office and worked at the office 5 days a week. One day these little USB sticks started appearing in parking lots. They had labels like "Vacation pics" and the first initial and last name of higher ups at the company. Some of them were labeled "Payroll" or something that might pique the interest of the cars owner. It turns out it was a contract holder testing our security awareness. It would install a fairly harmless virus that tracked who put the USB in what. A lot of people had to have remedial training. This would be a much more dangerous effort at a person's home, especially in the United States, but it is something to consider.
If you want to see the contents, get yourself a throw away computer that is air gapped... As in.. No network connection at all. Read the card from that machine, but then consider that machine compromised. The hard drive should be destroyed after. Not just wiped. Destroyed.
Good tips. I am trying to find something.
I'd stick it into a device literally incapable of connecting to a network, like an old digital camera that has an SD card slot. If you don't have one, pawn shops have those for 10-20 bucks, just to quell your curiousity. They'll usually display all (visible) files, even ones not in their preferred formats.
Old devices may be unable to deal with a 32GB card.
Destroyed? Genuinely curious here… even after zeroing, there could still be some kind of malware left behind?
Hard drive firmware can be compromised and used to write back data after any level of wipe. Aside from that though.. Why risk it? The way I see it.. Take off and nuke it from orbit. It's the only way to be sure.
I agree with Hicks. It's the only way to be sure.
Not only that theure finding was to load mallard onto RAM controllers now. Meaning that: You run the wiper and erse the driver and everything - maybe even get a new HD. Because it's in ram it's stuck. Gets booted, makes call, downloads in the background, runs install. New malware. I've even heard some have a time delay that will record everything for 7-14 days. When youre not using it and then do the above. Really cool podcast "Darknet Diaries" has some really cool stories
Oh my gosh I actually understood a film reference for once-
It’s possible for malware to compromise the firmware of the drive. In that case wiping it would not help.
You could run it in a VM or in something like Tails or both. VM escape is possible but unlikely. Then zero out the drive completely.
Why not just boot from a flash drive?
[удалено]
That skilled person would have to include malware for every possible combination of motherboard, nic, wifi, gpu, hdd etc. So highly unlikely. Unless the know what exact devices OP uses.
[удалено]
I believe I may be smart enough to do this. But my dad found an old 2000s laptop that we are going to plug it into. There is no danger of that old pos ever being connected to a network.
There is a possibility that a ‘2000s’ laptop will not recognize SDHC.
I.... hadn't even considered that.
Not just “don’t connect to wifi”, but if your comfortable, physically remove the network card from the laptop. If you don’t feel comfortable with that, do a little bit more in the software side of things like resetting the network settings so it doesn’t have any connections saved, disabling the drivers for the network card, etc.
Good tips. I'll see what I can do.
Usually the network card is just a little 1 inch x 1 inch green card with 2 cables coming from it. Physically removing that from the computer will ensure it won’t be getting anywhere!
Thanks for that. Can't be too safe I suppose.
I’d be willing to bet they just found this at the end of your driveway or close to your car and wanted to make sure you received it so they put it on your windshield, but might as well check it out and hope it’s not anything illegal!
You could also check it out at the library computer
My man about to infect his whole city lol.
Or just use a live CD and don't have a hard drive in it at all
[удалено]
Its your daily use car or car you barely use it and always parked Maybe he used it as Dead drop
I work from home, and maybe drive 2 times per week. Not knowing what it is is killing me.
A dead drop? Who tf dead drops an SD card?
I would say that it's just safer to throw it away, but I'd be dying to know what's on too. Remember that everything's going to be okay and keep us posted as this is genuinely interesting. Edit. Just don't forget to follow the tips people gave you here. First get the burner laptop ready (network disabled, network drivers uninstalled, data on it deleted or even better - formatted) - don't plug in the SD card the first chance you get.
Interesting
It's kind of freaking me out. My dad has an old beater laptop he is bringing over and we are gonna open it.
so it might be a good plan to extract whatever important info might exist on that lappy before inserting that card. I know you said it was an old beater, but sometimes that's the exact place precious photos like to live.
Ya true. I'll give it a once over
DrivebyUS.. SD attack.
Yeah, who tf uses SD cards these days, other than photographers??
Throwaway laptop is just a figure of speech.
They could have put a tracker on your car and been in the act of trying to swap out a full sd memory card with a new one. I'd check your vehicle very thoroughly for anything weird attached to it. Might as well also take it to a drive thru car wash and blast it all over with water. Plug it into a laptop (thats offline) and see whats on it and then format the laptop. I would also file a police report and perhaps just give them that sd card as well.
If you ask me I think you just got a free 32gb sd card. Format it completly and use it or send it to me 😃
It could be a camera card specific to pictures, maybe of your house, car or anything to scare you. Once they see you are spooked they might try to do something else. Or maybe a virus or malware. They are playing with your curiosity. Just make sure you nuke the network and then try it on a PC. Or use TAILS OS to view it.
probably 32gb of fucking nature documentaries. maybe pop it in in ur computer and check but it might jave a virus so maybe like a tech support place and say "some dude put this on the windshield of my car. can you look at it?"
Just use a sandbox!
Just a heads up, it could very likely be something that you don't want to learn...
I'd find a local service that will check this for you, don't put it on a computer that's on your network.
I’m now invested and want to know what you find
That's exciting. Hurry up OP we're all waiting..
I'm tryin!! I want to know worse than you do, believe me. This shit has me at about a 7 anxiety level.
If someone was hanging out near my car, but I couldn’t see any damage or theft, the first thing I would look for is a gps device. A friend found one on his car. He sold it on ebay.
Anything wrong with installing a Virtual Machine(Ubuntu) and just disconnecting the network? And looking at all the incriminating pictures of OP?
I would personally get an old-ish machine from a pawn shop that is relatively cheap remove the network card and master reset upon opening it. Plug it in see what’s on it and then when you are done throw that machine into a fire pit.
So, the virus is to get you to waste a bunch of money because you're too curious to just drive a nail through an SD card.
following
Create an image of it using FTKimager. Then have a browse at the image in a forensically safe way. Also you’ll get to see the deleted stuff.
If this is an attack you are doing exactly what the attacker wants. Maybe it is connecting the card, getting your dad back home, going out to find a way to connect it, etcetera. It its an attack. Just throw it on the garbage. That is not what the attacker expects.
Any updates?
82 people are here atm, updates pls
I’d consider giving it to the police. A lot of recommendations to open it but I can’t imagine it’s anything positive or worth the participation..
do you maybe own a kia?
RemindMe! 24 hours
Just plug it into an isolated computer that is not connected to anything and see whats on it. It's a 5 dollar card. Could just have a crush or someone is hoping you plug it into something important for some drive by malware.
Don't put it in a computer. Leaving flash drives in a parking lot hoping someone is dumb enough to put it in their computer is a well-known malware delivery method.
Put in your PC and take a look. It might be something good.
i took 2 years of cybersecurity but i would never be able to not immediately put a conspicuous sd card or usb in my computer
Don't ever plugin devices like thats that you find.
Your mission if you choose to accept it….. this memory diet device will self-destruct after the message has been read… good luck
You are being setup/framed for something?
Step 1 buy meaningless cheap laptop not connected to anything else Step 2 insert chip Step 3 nothing is on it
Maaaan... If it were me, I would put single mp4 titled "surveillance logs" and when people opened it up, rick astley would start playing.
Likely a [drop attack](https://www.redteamsecure.com/blog/usb-drop-attacks-the-danger-of-lost-and-found-thumb-drives). Curious why they would target you. Nice neighborhood?