BadUSB - USB Vulnerability found

wez1007

Similar to the USB Rubber Ducky stick but has the potential to do a fair whack of harm:


It's a common scene from TV: Our hero sneaks into the villain's office, plugs in a USB stick and — flash! — all the secret plans to conquer Chicago are sucked down into the thumb-drive. The only fiction is how fast it takes to download data. In the real world, office data thieves walk out with stolen data every day on their flash drives.

It could be worse. USB sticks can also carry malware. Or, as SRLabs security researchers Karsten Nohl and Jakob Lell propose to show at Black Hat, an ordinary USB pen drive can be turned into an automated hacking tool.

The base problem, according to the pair, is "USB has become so commonplace that we rarely worry about its security implications. USB sticks undergo the occasional virus scan, but we consider USB to be otherwise perfectly safe — until now."

This exploit basically modifies the firmware on the Memory stick to report that it is a HID. From there it can run code and possibly inject malware.

Imagine this thing started to spread from memory stick to memory stick like a worm...
 
:eek: That's not cool!

Besides the drive manufacturers implementing stricter control features for the firmware, don't you think the antivirus companies will have to add the functionality to detect the malware?
 
Firmware definitely needs to be locked somehow, with maybe a recessed button for flashing new firmware (similar to the reset buttons on most switches/routers).

I wonder how one could prevent this from an antivirus standpoint.

I've heard some guys have fired up their hot glue guns and have glued unused USB ports up :wtf:
 
I guess they will have to include the ability to scan the chipsets of the devices. Don't know if it is possible.
 
Problem is it's running on the firmware and there is no standard design that the AV could compare against to see if it has been modified in any way.
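
Added example, not part of the thread: the host cannot read a stick's firmware, but it does see the interface classes a device announces when it enumerates, so a storage device that also presents itself as a HID keyboard is visible from the host side. The sketch below reads the Linux sysfs attribute files for that; the keyboard allowlist, the `audit`/`build_sample`/`demo` names and all vendor/product IDs are assumptions constructed for illustration, and a stick that announces only a keyboard is caught only by the allowlist.

```python
import tempfile
from pathlib import Path

HID, MASS_STORAGE = 0x03, 0x08        # USB interface class codes
BOOT_KEYBOARD = (HID, 0x01, 0x01)     # class, subclass, protocol
ATTRS = ("bInterfaceClass", "bInterfaceSubClass", "bInterfaceProtocol")

def read_attr(path, name):
    return (path / name).read_text().strip()

def interfaces(dev):
    """(class, subclass, protocol) for each interface dir such as '1-3:1.0'."""
    return [tuple(int(read_attr(i, a), 16) for a in ATTRS)
            for i in sorted(dev.glob(dev.name + ":*"))]

def audit(root, allowed_keyboards):
    """Return (device, 'vid:pid', reason) for each device worth a second look."""
    findings = []
    for dev in sorted(Path(root).iterdir()):
        if ":" in dev.name or not (dev / "idVendor").is_file():
            continue                   # interface node, not a device
        vidpid = read_attr(dev, "idVendor") + ":" + read_attr(dev, "idProduct")
        ifs = interfaces(dev)
        classes = {i[0] for i in ifs}
        if HID in classes and MASS_STORAGE in classes:
            findings.append((dev.name, vidpid, "storage device also exposes HID"))
        elif BOOT_KEYBOARD in ifs and vidpid not in allowed_keyboards:
            findings.append((dev.name, vidpid, "keyboard not on allowlist"))
    return findings

def build_sample(root):
    """Constructed sysfs-like tree; every ID below is made up for the example."""
    sample = {"1-1": ("aaaa", "0001", ["080650"]),            # plain flash drive
              "1-2": ("bbbb", "0002", ["030101"]),            # allowlisted keyboard
              "1-3": ("cccc", "0003", ["080650", "030101"]),  # stick + keyboard
              "1-4": ("dddd", "0004", ["030101"])}            # unregistered keyboard
    for name, (vid, pid, codes) in sample.items():
        dev = Path(root, name)
        for n, code in enumerate(codes):
            idir = dev / f"{name}:1.{n}"
            idir.mkdir(parents=True)
            for attr, val in zip(ATTRS, (code[:2], code[2:4], code[4:])):
                (idir / attr).write_text(val + "\n")
        (dev / "idVendor").write_text(vid + "\n")
        (dev / "idProduct").write_text(pid + "\n")

def demo():
    with tempfile.TemporaryDirectory() as root:
        build_sample(root)
        return audit(root, allowed_keyboards={"bbbb:0002"})
```

`demo()` runs the check over the constructed tree; on a Linux host, `audit("/sys/bus/usb/devices", ...)` reads the same attributes for the devices actually attached.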
 
Nothing new here, it's been possible and theorized as possible for a good number of years.
UEFI is also quite susceptible too, as are motherboards with BMCs. FireWire also has vulnerabilities, as do PCI-based devices - Ethernet cards would be a good example, and Thunderbolt. USB is just another in a long chain of badly designed interfaces with issues.
If there's enough space to hide code somewhere non-volatile, you have access, especially if the firmware is flashable.

Some examples of various ways:

http://www.infoworld.com/t/insider-threats/security-company-infects-clients-network-trojan-mouse-576

https://www.blackhat.com/presentations/bh-dc-07/Heasman/Paper/bh-dc-07-Heasman-WP.pdf

http://www.breaknenter.org/2012/02/...cking-macs-through-the-thunderbolt-interface/
 