New Malware Can Live Inside Any USB Device Undetected

Discussion in 'Off-Topic Discussion' started by Jeffrey, Aug 1, 2014.

  1. Jeffrey

    Jeffrey Administrator Staff Member

    Joined:
    Jul 27, 2014
    Messages:
    269
    Likes Received:
    35
    Trophy Points:
    135
    Location:
    Thailand
    [​IMG]

    It turns out that the stalwart USB thumbstick, or any universal serial bus device, isn't as trustworthy as once thought. A pair of security researchers has found we need to worry about more than just malware-infected files that are stored portable drives, and now need to guard against hacks built into our geek-stick's firmware according to Wired. The proof-of-concept malware Karsten Nohl and Jakob Lell have created is invisible and installable on a USB device and can do everything from taking over a user's PC to hijacking the DNS settings for your browser. Or, if it's installed on a mobile device it can spy on your communications and send them to a remote location, similar to the NSA's Cottonmouth gadgets. If those don't worry you, perhaps that the "BadUSB" malware can infect any USB device -- including keyboards -- and wreak havoc, will. What's more, a simple reformat isn't enough to disinfect either, and the solution that Lell and Nohl suggest goes against the core of what many of us are used to doing.

    The duo says that the only way around BadUSB is to more or less treat devices like hypodermic needles; trusting only those that have been used within our personal ecosystem and throwing away any that've come in contact with other computers. Hopefully you don't have a ton of untrustworthy Porsche sticks laying around.


    Source
     
  2. Spider

    Spider Administrator Staff Member

    Joined:
    Mar 24, 2011
    Messages:
    15,413
    Likes Received:
    1,784
    Trophy Points:
    1,000
    Location:
    Chicago, IL
    Tablet / Device:
    NOOK Tablet Stock NOOKcolor Rooted/Flashed Nexus 7 (2013) 32GB Stock
    For me, part of fixing an infected PC or "tuning" one usually involves plugging one of my thumb drives with stand alone utilities and AV programs into their "bad" PC. The drive I've used has a "Lock" switch on it, and I always make sure the R/W switch is flipped to Locked, making it read only.

    Any idea whether this malware can still get into my drive?
     
    • Like Like x 1
  3. Jeffrey

    Jeffrey Administrator Staff Member

    Joined:
    Jul 27, 2014
    Messages:
    269
    Likes Received:
    35
    Trophy Points:
    135
    Location:
    Thailand
    Here is some additional info.

    Unless the tainted firmware is itself reverse engineered, the malware is protected from being discovered and will remain on a device even after a disk erasure is performed, a routine process for clearing suspected malicious software.

    Further, BadUSB is bidirectional. In other words, if a malware's payload is coded to do so, a thumb drive can infect a computer's USB firmware, which in turn reprograms the firmware of yet another connected USB device, spreading the code silently across any and all systems. In testing, Nohl and Lell found that basically any USB device is vulnerable to the exploit.


    Source
     
    • Like Like x 1
  4. leeshor

    leeshor Senior Member

    Joined:
    Dec 27, 2011
    Messages:
    6,331
    Likes Received:
    1,037
    Trophy Points:
    700
    Location:
    Norcross, GA
    Tablet / Device:
    Samsung Galaxy Tab S 10.5
    This reminds me of the very old original infections that were called boot sector viruses and were usually transmitted from system to system by restarting a system that had an infected floppy disk in the drive.We're going back to the early 90s.
     
  5. Spider

    Spider Administrator Staff Member

    Joined:
    Mar 24, 2011
    Messages:
    15,413
    Likes Received:
    1,784
    Trophy Points:
    1,000
    Location:
    Chicago, IL
    Tablet / Device:
    NOOK Tablet Stock NOOKcolor Rooted/Flashed Nexus 7 (2013) 32GB Stock
    Someone on the site Jeffrey cited as the source commented he was going to go back to floppies. We know that wouldn't help, but I didn't bother to comment.:rolleyes:
     
    • Agree Agree x 1
  6. Spider

    Spider Administrator Staff Member

    Joined:
    Mar 24, 2011
    Messages:
    15,413
    Likes Received:
    1,784
    Trophy Points:
    1,000
    Location:
    Chicago, IL
    Tablet / Device:
    NOOK Tablet Stock NOOKcolor Rooted/Flashed Nexus 7 (2013) 32GB Stock

Share This Page

Search tags for this page

infected nook color