USB: The ultimate hacking tool?

German researchers found out how to transform USB devices into an automatic hacking tool!

A USB can be used to steal information from a computer. Ofcourse it can also be used to bring malware into the secured network, this usually happens when someone has evil plans or because of a stupid employee (No offence).

German researchers have found another way to use these handy devices in an evil way. It is possible to change these USB’s in some sort of automatic hacking tools. The malware detection software does not have a way to detect this for now. So be cautious when accepting a USB from a stranger!

BadUSB

To explain this a bit better, we need to look into the USB hardware. The USB has a controller chip. This chip has been programmed with firmware. This firmware makes sure that the USB can interact with the computer with ease ( most of the time).
German researchers have discovered that they can reprogram this chip with modified firmware. BadUSB is the name of a bunch of tools that they have developed at SRLabs, just to proof that these modified devices are dangerous.
Another problem is that anti-malware software does not yet scan this firmware, this means that hackers have an easy game.

SRLabs reprogrammed a USB in a way that the computer thinks that he’s interacting with a keyboard. This means that the USB has access to all the functionalities of the computer, with the same rights of the logged

Another possibility is to reprogram the stick to act like a NIC (Network Interface Card). The USB can then change your network settings without you noticing because these settings may be applied even before your OS has been loaded. Changing these network settings may redirect your traffic to malicious site, such as phishing sites.

BadUsb

BadUsb

Powerless malware detection

Malware detection scanner have no access to the firmware of the USB, so they can’t scan it for viruses. The computer handles the inject devices just like a new USB.

Hard to get rid of

This kind of virus is hard to get rid of.
Normal malware can easily be removed by virus scanners of formatting the computer. This doesn’t help with firmware viruses. Even if you destroy the hazardous USB, it may already have infected your other USB devices.

This danger may soon be patched by manufactures by making the firmware harder to crack and harder to reprogram.
Security companies may also help by adding software to their suites that is capable of scanning firmware and remove the threats from the controller chip

But for now, there’s nothing to stop this threat. You can always stop using USB for now.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s