Slashdot Mirror

← Back to Stories (view on slashdot.org)

"BadUSB" Exploit Makes Devices Turn "Evil"

Posted by timothy on from the thinkgeek-had-something-funnier-years-ago dept.

An anonymous reader writes with a snippet from Ars Technica that should make you (even more) skeptical about plugging in random USB drives, or allowing persons unknown physical access to your computer's USB ports: When creators of the state-sponsored Stuxnet worm used a USB stick to infect air-gapped computers inside Iran's heavily fortified Natanz nuclear facility, trust in the ubiquitous storage medium suffered a devastating blow. Now, white-hat hackers have devised a feat even more seminal—an exploit that transforms keyboards, Web cams, and other types of USB-connected devices into highly programmable attack platforms that can't be detected by today's defenses. Dubbed BadUSB, the hack reprograms embedded firmware to give USB devices new, covert capabilities. In a demonstration scheduled at next week's Black Hat security conference in Las Vegas, a USB drive, for instance, will take on the ability to act as a keyboard that surreptitiously types malicious commands into attached computers. A different drive will similarly be reprogrammed to act as a network card that causes connected computers to connect to malicious sites impersonating Google, Facebook or other trusted destinations. The presenters will demonstrate similar hacks that work against Android phones when attached to targeted computers. They say their technique will work on Web cams, keyboards, and most other types of USB-enabled devices.

5 of 205 comments (clear)

  1. Leverage by PRMan · · Score: 3, Informative

    And everyone said that when Hardison would program USB sticks to type stuff and send all the data back to headquarters when they just plugged it in a computer that it was not real. It turns out he was just ahead of everyone else.

    --
    Peter predicted that you would "deliberately forget" creation 2000 years ago...
  2. Re:and this is news why? by blueg3 · · Score: 3, Informative

    The whole point of this is that the malware reprograms the firmware of existing, trusted devices to make them malicious.

  3. Re:and this is news why? by NJRoadfan · · Score: 3, Informative

    and of course I re-read this and realize they meant also changing a webcam or keyboard to be malicious. Man I shouldn't post before my morning coffee.

    Let them try reprogramming a Model M keyboard. There is one perk to legacy PS/2 ports, they are secure!

  4. Re:and this is news why? by Anonymous Coward · · Score: 2, Informative

    As far as I can tell from the article it's not "malware reprograms", it's "malicious third party with physicall acess to USB device reprograms".

    Quite a bit of difference.

  5. Re:USB 4.x to offer signed USB device signatures?? by Anonymous Coward · · Score: 2, Informative

    What they are talking about here infects on firmware/driver level initialization between USB device and computer when plugged in that is an inherent part of the USB standard, before and invisible to any user mode (software) inspection (and how do you plan to see/test that the usb firmware is not infected?). This is not your regular Windows auto-run type problem.