I’ve been the one identifying the people who use jigglers. Usually it was a manager coming to us to look for a reason to fire a poor employee or a contractor trying to bill a suspiciously large number of hours for the work produced. If it was just poor performance, HR would make us do a PIP and waste 3 months on them. Violating security procedures and falsifying time sheets was an immediate termination. And for the contractors, you need evidence in order to refuse payment.
Btw, if you want to get away with it, don’t use a software or USB one. Get one that interfaces with a regular mouse. Modern cybersecurity software logs every process executed and device connected.
USB devices have a hard coded vendor identifier and product identifier built into them that are issued from a central authority. The ones I saw were easily identifiable as not legitimate mice.
I’ve been the one identifying the people who use jigglers. Usually it was a manager coming to us to look for a reason to fire a poor employee or a contractor trying to bill a suspiciously large number of hours for the work produced. If it was just poor performance, HR would make us do a PIP and waste 3 months on them. Violating security procedures and falsifying time sheets was an immediate termination. And for the contractors, you need evidence in order to refuse payment.
Btw, if you want to get away with it, don’t use a software or USB one. Get one that interfaces with a regular mouse. Modern cybersecurity software logs every process executed and device connected.
But the USB one is going to be identified as a mouse (input device), you can even change the hardware id to be the same as the work mouse no?
USB devices have a hard coded vendor identifier and product identifier built into them that are issued from a central authority. The ones I saw were easily identifiable as not legitimate mice.
I know but you can change it, I think, at least in the bad usb devices that we use for red team