Diabolic Drive may look like a 64GB USB flash drive and show as such when you insert it into your computer, but it’s actually a wireless keystroke injection tool with a Microchip ATmega32U4 8-bit AVR microcontroller and an Espressif Systems ESP8266 WiFi SoC.
Egypt-based UNIT 72784 says their cyber security tool enables Red Teaming – the practice of rigorously identifying an attack path to breach a device’s security – as it behaves like a flash drive while being able to deploy keyboard strokes wirelessly through the ESP8266 WiFi MCU.
Diabolic Drive specifications:
- MCUs
- Microchip ATmega32U4 microcontroller @ 16 MHz (5V) acting as a Serial Bridge
- Espressif Systems ESP8266EX microcontroller @ 160 MHZ (3.3V) with WiFi 4 support
- ATmega32U4 and ESP8266 are connected via Serial and I2C protocols thanks to an LDO regulator.
- Storage
- 64 GB flash storage up to 20MB/s read, 10MB/s write
- 4MB W25Q32 SPI flash memory o
- Antenna – High gain 4.1 dBi ceramic chip 2.4 GHz wireless antenna
- USB – 1x USB 3.0 Type-A port for power and data like a standard flash drive
Both the Microchip ATmega32U4 and Espressif Systems ESP8266 are very popular microcontrollers that you can program with supported firmware (e.g. Arduino), but for cyber security testing, the developers suggest (Arduino) firmware such as WiFiDuck wireless keystroke injection attack platform or ESPloitV2 WiFi keystroke injection tool designed for an Atmega 32u4/ESP8266 paired via serial. Other firmware suggestions can be found on GitHub along with further technical details and documentation about the Diabolic Drive.
The Diabolic Drive is an especially bad boy since it can be hard to detect for an unsuspecting user because it’s compatible with many commercial USB flash drive enclosures, and while it exposes mass storage, HID device, and virtual COM port, it does so simultaneously, so that an operating system like Windows will only trigger an audio notification once like a normal flash drive.
UNIT 72784 has just launched the Diabolic Drive on Crowd Supply with a $10,000 funding target. There’s a single reward with the Diabolic Drive going for $111 with free shipping to the US, and $12 to the rest of the world. That feels quite expensive for the hardware involved, but it should be expected for this type of niche hardware, and other similar devices are in this price range too as shown in the table below. Delivery is scheduled to start at the very end of 2023.
Jean-Luc started CNX Software in 2010 as a part-time endeavor, before quitting his job as a software engineering manager, and starting to write daily news, and reviews full time later in 2011.
Support CNX Software! Donate via cryptocurrencies, become a Patron on Patreon, or purchase goods on Amazon or Aliexpress
