Researchers Publish BadUSB Attack Code

Remember BadUSB? If you use a USB device to move digital files from one machine to another, you need to know the latest news on this flaw in design specs that could put your computers at risk.

Attack code for this flaw, which is impossible to patch, is now public. Security researchers Brandon Wilson and Adam Caudill released two patches to existing firmware for the Phison 2251-03, and a minimal custom firmware for that same chip.

But letEUs back up a minute. In August, we learned from SR Labs that the versatility of USBs -- almost any computer, from desktops to healthcare devices to storage can connect using USBs -- make this flaw especially dangerous.

EUTo turn one device type into another, USB controller chips in peripherals need to be reprogrammed,EU SLR reported. EUVery widely spread USB controller chips, including those in thumb drives, have no protection from such reprogramming.EU

Corrupting a Good USB

Once reprogrammed, SR Labs warned, benign devices can turn malicious. And thereEUs more than one way to turn a good USB into a so-called BadUSB.

For example, a device can emulate a keyboard and issue commands on behalf of the logged-in user to enter files or install malware. Alternatively, the device could also spoof a network card and change the computerEUs DNS setting to redirect traffic. Or, the firm explained, a modified thumb drive or external hard disk can boot a small virus when it detects that the computer is starting up. That virus infects the computerEUs operating system prior to boot.

"When a user looks at a thumb drive, what they perceive is nothing more than a storage device. But that's obviously an oversimplification," said Adam Caudill, a security researcher, at the DerbyCon conference last week. "It's effectively a computer -- a programmable computer . . . It can...

Comments are closed.