Are Ethernet Adapters Still Safe?

[claytoast]

Hi Malwarebytes support,

 I wondered if Ethernet adapters, such as the Plugable USB 3.0 to Ethernet Gigabit 10/100/1000 LAN Network Adapter, remain safe against malware since they contain rewriteable firmware in EEPROM.

If the product was only connected via the USB 3.0 cable and its circuitry was never removed from the casing and modified, is there any chance this device could retain malware?

 The reason I ask is I am currently salvaging a Windows PC and want to assess what accessories I may still use. My mouse had to be disposed of due to its ability to store commands, so I'm attempting to be careful.

Thank you for your help.

[David H. Lipman]

Ethernet adapters are always safe.  Same with Token Ring, ArcNET and other topologies.  It doen't make a difference if it a PCI, PCIe, USB or embedded chipset. It is the network protocols such as TCP/IP ( HTTP/HTTP, FTP, NNTP, SMTP, NFS, etc )  that can be exploited and can make using them unsafe.  They can't retain malware.  It is the Operating System that gets infected and thus affected.

Mice are an Input only device.  Nothing is stored in them.

 

 

[exile360]

I must agree with David's above comments.  Basically short of some NSA level hardware/spyware or deep level BIOS/firmware infection custom built to target your specific component(s) (something that is EXTREMELY unlikely as that's a lot of effort to go to, not to mention the fact that it would likely require physical access to the machine/hardware), the chances of those hardware devices containing any actual infections/malware is pretty much nil.  Run-of-the-mill malware infections do not and cannot infect such devices and the criminals that create most of the common malware seen today would never target such devices because the number of users/systems/devices they would be able to infect would be far too small for the effort to be profitable, and profit is the name of the game (this is many modern threats are written to be cross-platform, infecting browsers and common extensions since there are so many mobile devices in use and why most PC-only threats are written to avoid requiring admin permissions to avoid UAC (an issue that renders the use of limited user accounts pretty much pointless, at least as long as you keep UAC active for all admin user accounts).

Edited June 24, 2019 by exile360