Security researchers Karsten Nohl and Jakob Lell have reverse engineered the firmware that controls the basic communication functions of USB. In doing so, they’ve also written a piece of malware, called BadUSB, that can “be installed on a USB device to completely take over a PC, invisibly alter files installed from the memory stick, or even redirect the user’s internet traffic.”

The things that can be done using the exploit seem to be endless. An example: a USB device could emulate a USB-connected keyboard and automatically send keystrokes that, when combined, could lead to various issues: installing malware, wiping key files off a drive, copying files over to the USB device, etc.

Worse, it doesn’t appear that there are any effective ways to prevent (or clean up after) an attack launched by the corrupted firmware of any USB-connected device. There is virtually no way to check whether a device’s firmware has been tampered with, and even if you do find signs of tampering, there’s no single trusted version of the firmware to check against. The exploit can also travel both ways: a USB stick could infect a computer with its malware, say, and the PC could then infect any USB device plugged into it.

The solution? There isn’t one. The only thing that you can do at this time is to NOT connect USB devices to computers you don’t trust, and not to connect untrusted USB devices to your computer. Who knows what might happen?

The pair will demonstrate their findings at this year’s Black Hat conference in Las Vegas on 7th August. If there’s anything important and previously unknown announced during their keynote, we’ll update this article. Until then, beware of untrusted USBs!
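
The keyboard-emulation case above is visible at enumeration time, because a device has to advertise a HID interface before the host will accept keystrokes from it. The following is an added example, not code from the researchers: it parses a USB configuration descriptor and lists any interface that a device presented as a memory stick should not expose. The function names and descriptor bytes are constructed for illustration, and the check only covers what the device advertises; it says nothing about whether the firmware itself has been modified.

```python
import struct

MASS_STORAGE = 0x08               # bInterfaceClass for mass storage (HID is 0x03)
DT_CONFIG, DT_INTERFACE = 0x02, 0x04

def interfaces(config: bytes):
    """Return (class, subclass, protocol) for every interface descriptor."""
    if len(config) < 9 or config[1] != DT_CONFIG:
        raise ValueError("not a configuration descriptor")
    total = struct.unpack_from("<H", config, 2)[0]   # wTotalLength
    if total > len(config):
        raise ValueError("truncated descriptor")
    found, pos = [], 0
    while pos + 2 <= total:
        length, dtype = config[pos], config[pos + 1]
        if length < 2 or pos + length > total:
            raise ValueError("malformed descriptor length")
        if dtype == DT_INTERFACE and length >= 9:
            # bInterfaceClass, bInterfaceSubClass, bInterfaceProtocol
            found.append(tuple(config[pos + 5:pos + 8]))
        pos += length
    return found

def unexpected_for_storage(config: bytes):
    """Interfaces a device presented as a memory stick should not expose."""
    return [i for i in interfaces(config) if i[0] != MASS_STORAGE]

# Constructed sample descriptors (not captured from real hardware).
# Mass-storage interface with its two bulk endpoints:
MSC_IFACE = "090400000208065000" "07058102000200" "07050202000200"
# HID boot-keyboard interface, HID descriptor, one interrupt endpoint:
HID_KBD = "090401000103010100" "092111010001223f00" "0705830308000a"

PLAIN = bytes.fromhex("090220000101008032" + MSC_IFACE)
COMPOSITE = bytes.fromhex("090239000201008032" + MSC_IFACE + HID_KBD)

if __name__ == "__main__":
    for name, blob in (("plain stick", PLAIN), ("stick + keyboard", COMPOSITE)):
        extra = unexpected_for_storage(blob)
        print(name, "->", "ok" if not extra else f"unexpected interfaces {extra}")
```
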