BadUSB malware Stored in USB Firmware can take over the computer

USB logoA new piece of malware has been created, dubbed BadUSB, that can be hidden in the firmware of USB devices and modify the files installed from a removable storage device, as well as divert the Internet traffic by changing the DNS settings.

Karsten Nohl and Jakob Lell from SR Labs are the authors of the BadUSB proof-of-concept malware, against which they say there is no protection solution except restricting the use of USB-connected devices.

They say that turning one device type into another is just a matter of reprogramming the USB controller chips, and that “very widely spread USB controller chips, including those in thumb drives, have no protection from such reprogramming.”

As such, a reprogrammed USB device can emulate another. One example would be a gadget impersonating a keyboard, which can launch commands for stealing data or for installing malware from a specific location. The risk is significant, because there is the possibility to infect other controller chips available on the system.

Another example of how threat actors can use this type of malware is spoofing a network card and proceeding to modify the DNS information and redirect traffic to a system controlled by the attackers.

Also, the method can be used with removable storage devices, which can install malware on the computer before the operating system boots up.

According to the two researchers, there is no effective protection against this sort of threat, because antivirus products don’t have access to the firmware of USB devices. Moreover, at the moment, there is no firewall solution that could block certain device classes.

They also point out that behavioral detection is also a dead end, because when a malicious USB switches to a different device type, the system monitoring mechanism would only record that a new USB device has been hooked to the computer system.

“To make matters worse, cleanup after an incident is hard: simply reinstalling the operating system – the standard response to otherwise ineradicable malware – does not address BadUSB infections at their root,” the researches explain.

“The USB thumb drive, from which the operating system is re-installed, may already be infected, as may the hardwired webcam or other USB components inside the computer. A BadUSB device may even have replaced the computer’s BIOS – again by emulating a keyboard and unlocking a hidden file on the USB thumb drive,” they add.

What this means is that once BadUSB has been detected, all USB devices that have been plugged into the computer should be considered infected.

The duo will hold a presentation at the Black Hat USA conference this month, where they will also release the proof-of-concept tools.

Source: Softpedia

Tags: security, USB

Comments
Add comment

Your name:
Sign in with:
or
Your comment:


Enter code:

E-mail (not required)
E-mail will not be disclosed to the third party


Last news

 
Consumer group recommends iPhone 8 over anniversary model
 
LTE connections wherever you go and instant waking should come to regular PCs, too
 
That fiction is slowly becoming a reality
 
The Snapdragon 845 octa-core SoC includes the Snapdragon X20 LTE modem
 
Human moderators can help make YouTube a safer place for everyone
 
Google says Progressive Web Apps are the future of app-like webpages
 
All 2018 models to sport the 'notch'
 
The biggest exchange in South Korea, where the BTC/KRW pair is at $14,700 now
The Samsung Galaxy A5 (2017) Review
The evolution of the successful smartphone, now with a waterproof body and USB Type-C
February 7, 2017 /
Samsung Galaxy TabPro S - a tablet with the Windows-keyboard
The first Windows-tablet with the 12-inch display Super AMOLED
June 7, 2016 /
Keyboards for iOS
Ten iOS keyboards review
July 18, 2015 /
Samsung E1200 Mobile Phone Review
A cheap phone with a good screen
March 8, 2015 / 4
Creative Sound Blaster Z sound card review
Good sound for those who are not satisfied with the onboard solution
September 25, 2014 / 2
Samsung Galaxy Gear: Smartwatch at High Price
The first smartwatch from Samsung - almost a smartphone with a small body
December 19, 2013 /
 
 

News Archive

 
 
SuMoTuWeThFrSa
     12
3456789
10111213141516
17181920212223
24252627282930
31      




Poll

Do you use microSD card with your phone?
or leave your own version in comments (4)