“Undetectable & Unpatchable” BadUSB Malware
Now available for anyone to Use
If you use a USB device to move digital files from one machine to another, you need to know the latest news on this flaw in design specs that could put your computers at risk.
Well in that case let me quote a simple example of how a good USB turn into so-called BadUSB. For example, a device can emulate a keyboard and issue commands on behalf of the logged-in user to enter files or install malware. Alternatively, the device could also spoof a network card and change the system’s DNS settings to redirect traffic. Malware scanners can’t access the firmware running on USB devices .Moreover the behavior of a Bad USB device looks like a user has merely plugged in a new device. McAfee publically confirmed that anti-virus technology can’t inspect the drivers running inside a USB device making it “undetectable and unpatchable”.
The BadUSB flaw was first detected by Karsten Nohl and Jakob Lell and demonstrated at the Black Hat cyber security conference. Now two security researchers – Adam Caudil and Brandon Wilson at Derbycon in Kentucky have discovered the same Bad USB flaw and published their proof-of-concept on Github. Wilson and Caudill managed to reverse engineer the same USB firmware as Nohl and Lell and reproduce some of the same tricks used by Bad USB, including one that would allow attackers to impersonate a keyboard, telling victim’s machine what to type.
The pair believes that y publishing the code, it will allow security experts to highlight what a big issue this is, and is potentially kick start a major rethink in USB security.
“If the only people who can do this are those with significant budgets, the manufacturers will never do anything about it. You have to prove to the world that it’s practical, that anyone can do it. That puts pressure on manufacturer to fix the real issue”, Caudill said in an interview with Wired.