Operation Thumbo: Information for Sellers

...An attempt to rid the scourge of fake/counterfeit/hacked USB thumb/flash drives.

Step 1: Understand what a Thumbo Drive is

USB flash drives can fall into 3 general categories: [1] brand name drives (SanDisk, PNY, Kingston, AData, etc.), [2] generic drives (ones with no name or an unknown name, but work properly), and [3] "Thumbo Drives" a/k/a fake, counterfeit, hacked USB flash drives. It's great to sell brand name drives. Most generic drives are poor quality, but you can sell 'em if you want to.

"Thumbo Drives", on the other hand, are fraudulent; they have no purpose other than to make money for the creator and seller. They are designed to trick the buyer into thinking they are real full-capacity drives (e.g. 128GB), while only containing a fraction of that (e.g. 8GB). The drive is hacked to report the larger capacity (that it does not have). The first 8GB (in this example) works fine, and that is where the files get stored first. So you can save data and read it back! But the drive is hacked so that after that 8GB gets filled up, it silently drops (deletes) the data and reports no errors. The operating system thinks the file is there (it records in the "good" area that a file exists, but the file is stored in the "bad" area), but when you go to read it, garbage is returned.

Note that there are also counterfeit brand name drives, which is a separate issue (drives that look like real ones, but are not). Those are almost certainly either "Thumbo Drives" disguised as brand name drives, or very low quality drives, and also illegal in most areas.

Step 2: Detemine If You Are Selling Them

You have to take this step. You need to fully understand that these drives you are selling are fake, worthless drives.

The first step is to get an idea without even opening one up:

  • Does it have a recognizable brand name (SanDisk, PNY, etc.) on the packaging and the drive itself? If not, it is either a (likely low quality) generic drive, or a "Thumbo Drive". If it does have a recognizable brand name, compare it to images online (e.g. does it have the capacity listed?), to help verify that it isn't a counterfeit of a brand name.
  • Does it come in a hard plastic case, with white paperboard inside with "USB Flash Drive" written with an orange trail behind it, "CE FC" logos on the bottom left, a picture of a laptop on the bottom right, and mentioning "Micro Vault"? If so, the drive is almost certainly counterfeit. "Thumbo Drives" in this packaging have been in the market since at least 2009. "Micro Vault" is an old Sony brand of USB thumb drive, trademarked by Sony.
  • Does it come in a small plastic bag that it just barely fits into? If so, it is most likely a "Thumbo Drive" (and if not, likely a low-quality generic).
  • Does it have a small oval hologram sticker stating the capacity ("128GB")? If so, it is almost certainly a "Thumbo Drive" (I have seen one generic drive with this sticker, however -- perhaps one that had been destined to be a "Thumbo Drive", but for some reason sold without being hacked).

At this point, you have likely realized that you at least might be selling fake USB drives. The next step is to test them to be sure. Options include:

  • H2testw. This is the standard test; it works well in almost all cases, but is very slow, and destructive (writes data).
  • I am working on a read-only program to detect Thumbo Drives, so it is not destructive (the data on the drive does not change in any way). This should be a quick, easy way to detect most "Thumbo Drives".
  • Do it yourself. Fill the drive with files, and verify they work. For example, fill the drive with videos, and test the beginning of each one to see if it plays. This isn't foolproof, but close (e.g. if you have a fake drive with 1GB of real memory reporting as 4GB, and save a single 4GB video, the beginning would play OK).

Step 3: What Next?

At this point, you should realize that you are selling fraudulent USB drives.

The first thing to understand is that now if you continue to sell them, you have changed from selling a bad product to knowingly selling a fraudulent item. If you are intentionally selling fake thumb drives, you are trying to get people to install a device in their computer that is designed to delete their data. That is likely a computer crime in many jurisdictions.

So at the very least, you'll want to stop selling any drives. Ideally, you will contact whoever sold them to you, get a refund, and be able to destroy them. And then inform your existing customers.

You may want to read about this seller (scroll down to the auction description) and his experience.

(C) Copyright 2016 R. Scott Perry