USB devices can be hacked maliciously



USB hackers SR Labs

USB devices are ubiquitous: keyboards, mice, headsets and pocket drives and now they have become a potential security threat.

Karsten Nohl, the chief scientist at SR Labs in Germany, has released a report that says malicious software from bad guy hackers can be loaded on to the microcircuitry of USB devices and use to control them. And, to add insult to injury, the little suckers do not have any built-in security to avoid this kind of attack on their internal coding.

Apparently, this doorway through these tiny devices exists because there are, as is usual, bugs in the existing hardware. Usually, these bugs are invisible and unnoticed by users but they are potentially harmful flaws that can result in everything from keystroke software being installed on your connected computers, spyware, or even data destruction.

Nohl isn't just crying wolf. He was responsible for a presentation last year at the Black Hat Conference that highlighted methods that the NSA was using for surveillance.

According to Reuters:

In his tests, Nohl said he was able to gain remote access to a computer by having the USB instruct the computer to download a malicious program with instructions that the PC believed were coming from a keyboard. He was also able to change what are known as DNS network settings on a computer, essentially instructing the machine to route Internet traffic through malicious servers.

Once a computer is infected, it could be programmed to infect all USB devices that are subsequently attached to it, which would then corrupt machines that they contact.

"Now all of your USB devices are infected. It becomes self-propagating and extremely persistent," Nohl said. "You can never remove it."

Nohl tested his findings on controller chips made Phison Electronics out of Taiwan, but a company spokesperson refused to acknowledge the veracity of the findings claiming lack of evidences on Nohl's part in his findings. 

Well, that's one more thing to worry about. 



Joe Jejune

I am a gadget freak and love everything about technology. In my day job I work at a startup and help build applications for the healthcare industry. 


More

How To Market Yourself Online

Up to 93% of hiring managers review a candidate’s social profile before making a decision on whether to offer a role, and this number is only likely to increase.

Cheaper technology, a chance for small businesses

The new digital technologies are providing an affordable advertising platform for small businesses.

Are Industrial Control Systems the Latest Weapon in Modern Warfare?

Infrastructure providers, utility companies, transport companies and any organisation whose disruption could cause serious problems, as well as governments themselves, need to look much more seriously at how to defend against cyber- attacks.