New Malware Can Live Inside Any USB Device Undetected

Jeffrey

Super Moderator
Jul 27, 2014
269
35


It turns out that the stalwart USB thumbstick, or any universal serial bus device, isn't as trustworthy as once thought. A pair of security researchers has found we need to worry about more than just malware-infected files that are stored on portable drives, and now need to guard against hacks built into our geek-stick's firmware, according to Wired. The proof-of-concept malware Karsten Nohl and Jakob Lell have created is invisible and installable on a USB device and can do everything from taking over a user's PC to hijacking the DNS settings for your browser. Or, if it's installed on a mobile device it can spy on your communications and send them to a remote location, similar to the NSA's Cottonmouth gadgets. If those don't worry you, perhaps that the "BadUSB" malware can infect any USB device -- including keyboards -- and wreak havoc, will. What's more, a simple reformat isn't enough to disinfect either, and the solution that Lell and Nohl suggest goes against the core of what many of us are used to doing.

The duo says that the only way around BadUSB is to more or less treat devices like hypodermic needles; trusting only those that have been used within our personal ecosystem and throwing away any that've come in contact with other computers. Hopefully you don't have a ton of untrustworthy Porsche sticks lying around.


Source
 

Spider

Administrator
Staff member
Mar 24, 2011
15,785
1,813
The duo says that the only way around BadUSB is to more or less treat devices like hypodermic needles; trusting only those that have been used within our personal ecosystem and throwing away any that've come in contact with other computers.

For me, part of fixing an infected PC or "tuning" one usually involves plugging one of my thumb drives with stand-alone utilities and AV programs into their "bad" PC. The drive I've used has a "Lock" switch on it, and I always make sure the R/W switch is flipped to Locked, making it read only.

Any idea whether this malware can still get into my drive?
 

Jeffrey

Super Moderator
Jul 27, 2014
269
35
Here is some additional info.

Unless the tainted firmware is itself reverse engineered, the malware is protected from being discovered and will remain on a device even after a disk erasure is performed, a routine process for clearing suspected malicious software.

Further, BadUSB is bidirectional. In other words, if a malware's payload is coded to do so, a thumb drive can infect a computer's USB firmware, which in turn reprograms the firmware of yet another connected USB device, spreading the code silently across any and all systems. In testing, Nohl and Lell found that basically any USB device is vulnerable to the exploit.


Source
 

leeshor

Senior Member
Dec 27, 2011
6,330
1,037
This reminds me of the very old original infections that were called boot sector viruses and were usually transmitted from system to system by restarting a system that had an infected floppy disk in the drive. We're going back to the early 90s.
 

Spider

Administrator
Staff member
Mar 24, 2011
15,785
1,813
Someone on the site Jeffrey cited as the source commented he was going to go back to floppies. We know that wouldn't help, but I didn't bother to comment. :rolleyes:
 