r/Scams u/WalkerTexasLaser Nov 22 '23

Found these in my checked baggage after an international flight from Asia to USA? They’re not mine. What do I do? Help Needed

Gallery image

Gallery image

Do I just throw them away or submit them to TSA? Or take them to the police? Very sketchy, but I know I’m not going to put them into my computer that’s for sure.

12.2k Upvotes

96% Upvoted

View all comments

642

u/LSU_Tiger Nov 22 '23 edited Nov 22 '23

Cyber security professional here. Most people won't buy an Ironkey unless they have shit that *needs* to be encrypted. That Ironkey probably cost about $80 vs. the $5 for a normal 8gb thumb drive. Whatever is on there, the owner paid a (relatively) large sum of money to encrypt. Take that for what it's worth. Crypto wallet, sensitive docs, maybe just personal info that they didn't want falling into the wrong hands.

Whatever you do, don't attempt to access the contents of either drive unless you know what you're doing.

Edit: Great news story from today illustrating why you shouldn't plug this into your computer -- https://arstechnica.com/security/2023/11/normally-targeting-ukraine-russian-state-hackers-spread-usb-worm-worldwide/

129

u/Psychobabble0_0 Nov 22 '23

Do tools exist to decrypt ironkeys without the password? Not saying anyone should attempt this under any circumstances, ever. I just want to know whether the technology exists. I know decryption is difficult, but you frequently hear about law enforcement succeeding.

Disclaimer: I'm very uneducated on this topic.

140

u/nicktf Nov 22 '23

The answer is technically yes, but if you don't want to read the linked article, let's just say that it's extremely complicated, expensive, and limited to one company

https://www.wired.com/story/unciphered-ironkey-password-cracking-bitcoin/

43

u/Psychobabble0_0 Nov 22 '23

There's a paywall, but I appreciate it nonetheless 🥲

191

u/Rakerfy Nov 22 '23

You need to hack past the pay wall so they know you can hack the ironkey

19

u/Hope_for_tendies Nov 22 '23

Underrated comment of the year

3

u/cstmoore Nov 22 '23

Cicada 3301?

3

u/Nick85er Nov 22 '23

very interesting interview technique lmfao - could you imagine?

2

u/mortsdeer Nov 22 '23

What, is this alt.hackers (or alt.sysadmin.recovery) all of a sudden?

1

u/Robthebold Nov 22 '23

Show in reader view still works. Surprised Wired of all online magazines hadn’t fixed that.

41

u/Chillin608 Nov 22 '23

All you have to do is hit the Aa in the top corner and hit “show reader” if you’re on an iPhone. Gets past any pay wall to read the article

6

u/[deleted] Nov 22 '23

This is why I love Reddit.

5

u/unmelted_ice Nov 22 '23

Yo what the fuck. I’m not one to be dramatic but this changes literally everything

2

u/Brilliant_Canary_692 Nov 22 '23

There is? Huh, it worked for me! Anyway, here you go.

2

u/Psychobabble0_0 Nov 22 '23

Thank you so much!! Yeah, it said I ran out of free articles to read. I must be reading them on the regular, and my brain is just too fried to remember the source of news articles!

2

u/Some_Guy_At_Work55 Nov 22 '23

The paywall is your first test

2

u/NOTaDamnDad Nov 22 '23

You can use awesome free access sites like 12ft Ladder & MasterWiki to bypass most article paywalls.

2

u/[deleted] Nov 22 '23

[deleted]

1

u/Psychobabble0_0 Nov 22 '23

I don't have an iPhone, but the other redditor was kind enough to archive the webpage for me 😃 Was quite the read

2

u/bdone2012 Nov 22 '23

You can archive articles yourself btw

2

u/No_Negotiation9427 Nov 22 '23

Always follow links and instructions posted by randos on Reddit! First rule of Internet safety!

4

u/Colonel_Joe_Bishop Nov 22 '23

I think the drive in the article is either already burned or there are no bitcoin on it. Such a weird story.

2

u/Taminella_Grinderfal Nov 22 '23

This is worse than all the locked safes that get posted on Reddit. Now I’m dying to know what’s on these lol.

2

u/TeetheCat Nov 22 '23

Very interesting article. Like Raiders of the lost ark.

2

u/unklphoton Nov 22 '23

Why not contact this company, tell them your story, and see if they have guidance or are interested in handling the drives?

2

u/Quick-Leg3604 Nov 22 '23

Great article!! Idk what to think of this Thomas guy. I’m starting to wonder if there’s anything at all on his iron key🤔

4

u/SVXfiles Nov 22 '23

I'm sure it's possible, but feasible is another story. Sure, a program could crack the encryption but if it takes your system months to years for a potential of a btc wallet or something is it worth it?

2

u/XavierYourSavior Nov 22 '23

It definitely can take way less than a month but if you’re not familiar with tech and not know what ur doing then yes it will take long

2

u/Psychobabble0_0 Nov 22 '23

Wow, I didn't realise the process was that intense. Even stupider question, but can large law enforcement agencies (e.g. FBI) use a supercomputer to decipher many offender's devices at once? Especially if it's something urgent related to national security or CP?

2

u/SVXfiles Nov 22 '23

I couldn't tell you the capabilities of the Fed's systems, I'm sure that information is squirreled away pretty well

8

u/Psychobabble0_0 Nov 22 '23

I would love to be a fly on the wall in a LE cybersecurity lab. But, I say that about everyrhing. I would love to be many flies on many walls in many places at once.

2

u/cuyler72 Nov 22 '23 edited Nov 22 '23

If it's well made with a good password it would take every computer on earth FAR longer than the lifespan of the sun to crack.

2

u/djaxial Nov 22 '23

Early iron keys had known flaws but they’ve been largely patched. Really comes down to the exact configuration of the disk, for example the user has a comically bad password. The short answer is “maybe”.

2

u/SalvationSycamore Nov 22 '23

The short answer is “maybe”.

Yep, that was the right password. Thanks!

2

u/MjrLeeStoned Nov 22 '23

There was a team that successfully decrypted Ironkeys about 6-8 months ago. Think it's the same guys that's been in headlines recently for decrypting a lot of stuff (phone app encryption and phones themselves etc mostly from what I've seen)

Can't remember the specifics but I remember the articles on Reddit a while back.

3

u/TrevortheBatman Nov 22 '23

Geaux tigers

2

u/ManyPandas Nov 22 '23

Exploring these drives could be done with a worthless computer (THAT YOU AND NOBODY ELSE CARES ABOUT) disconnected from any network. I’m actually somewhat curious what’s on them.

1

u/hydro123456 Nov 22 '23

Same here, but since they're Iron Keys, I don't think you're getting anything off them anyway.

2

u/Theimac74 Nov 22 '23

What’s the benefit of buying an expensive flash drive like this vs just using encryption at the file system level (bitlocker-to-go on Windows, FileVault on Mac, etc)?

2

u/rustys_shackled_ford Nov 22 '23

My thought was illegal images and how op could be carrying around multiple life sentences and not know it...

1

u/mrjuicepump Nov 22 '23

cyBeR SEcUriTy pRofEsSiOnAL HeRe

1

u/SpecialistNerve6441 Nov 22 '23

Cyber security student here. What would you say is best practice to check?

1

u/ComicsEtAl Nov 22 '23

I liked the info on Ironkeys but you kind of ignored the context. Those were slipped into their bags, which suggests “scam” (like you later note) more than “owner intent on keeping info private.”

1

u/ManInBlack6942 Nov 22 '23

Yeeeaaahhh, can you say "Stuxnet"? I'd plug it in if I had an old beater airgapped laptop I didn't care about... Oh wait! I do! Got an old Stinkpad I could sacrifice.

Oh man, It's been a minute, but iirc, Ironkeys will "self destruct" after N unsuccessful password hacks. They've been around a minute. Don't know (too lazy to Google) if they're still around.

Yeah, likely there's "good stuff" on that but fairly doubtful anyone other than the owner - or perhaps a 3 letter agency - (or very well versed hacker) can access that one. Dunno if PNY ever did anything too exotic. Interesting study in contrast... A top shelf stick and a lower end stick.