USB devices can be hacked maliciously



USB hackers SR Labs

USB devices are ubiquitous: keyboards, mice, headsets and pocket drives and now they have become a potential security threat.

Karsten Nohl, the chief scientist at SR Labs in Germany, has released a report that says malicious software from bad guy hackers can be loaded on to the microcircuitry of USB devices and use to control them. And, to add insult to injury, the little suckers do not have any built-in security to avoid this kind of attack on their internal coding.

Related: The one security flaw we can’t fix – our own stupidity

Apparently, this doorway through these tiny devices exists because there are, as is usual, bugs in the existing hardware. Usually, these bugs are invisible and unnoticed by users but they are potentially harmful flaws that can result in everything from keystroke software being installed on your connected computers, spyware, or even data destruction.

Nohl isn't just crying wolf. He was responsible for a presentation last year at the Black Hat Conference that highlighted methods that the NSA was using for surveillance.

According to Reuters:

In his tests, Nohl said he was able to gain remote access to a computer by having the USB instruct the computer to download a malicious program with instructions that the PC believed were coming from a keyboard. He was also able to change what are known as DNS network settings on a computer, essentially instructing the machine to route Internet traffic through malicious servers.

Once a computer is infected, it could be programmed to infect all USB devices that are subsequently attached to it, which would then corrupt machines that they contact.

Related: Aircraft can be hacked in flight says researcher

"Now all of your USB devices are infected. It becomes self-propagating and extremely persistent," Nohl said. "You can never remove it."

Nohl tested his findings on controller chips made Phison Electronics out of Taiwan, but a company spokesperson refused to acknowledge the veracity of the findings claiming lack of evidences on Nohl's part in his findings. 

Well, that's one more thing to worry about. 



Joe Jejune

I am a gadget freak and love everything about technology. In my day job I work at a startup and help build applications for the healthcare industry. 


More

Another Rock Series is Headed to Cable, Thanks to Scorsese and Jagger

New series, along with Cameron Crowe's Roadies, will bring classic rock to cable next year

Kate Winslet May Join Steve Jobs Biopic

Oscar winner may join Michael Fassbender, Jeff Daniels and Seth Rogen in cast

Liberace Hologram May Tour the World

He ain't rock and roll, but Liberace could start an avalance of hologram revivals