We all use devices USB in our digital lives. A new investigation first published by Wired reveals that there is a fundamental security flaw in the way Universal operates Serial Bus, and could be leveraged to take apart any computer.
Wired reports that security researchers Karsten Nohl and Jakob Lell managed to reverse engineer it engineering στο firmware που ελέγχει τις βασικές λειτουργίες επικοινωνίας του USΒ. Μετά έγραψαν και ένα malware που ονόμασαν BadUSB, Το συγκεκριμένο malware μπορεί να «να εγκατασταθεί σε μια συσκευή USΒ και να αναλάβει πλήρως τον έλεγχο ενός υπολογιστή. Το malware είναι αόρατο και δεν τροποποιεί τα archives that exist on the memory stick.
Embedded inside USB devices is a controller chip, which allows the device and the connected computer to send and receive information. That's exactly where Nohl and Lell's intervention was. This means that the malicious software their doesn't sit in flash memory, but is hidden in the firmware, which makes it undetectable by everyone, even the most tech-savvy. Lell reported to Wired:
You can give it to security researchers, detect it, delete some or all of the files, and give it back to you saying it 'clean'. The hack cannot be repaired. "
The worrying fact, of course, is that researchers will present the hack at the upcoming Black Hat security conference in Las Vegas. As the researchers say, the flaw can be exploited on any portable disk, mice, keyboards and even Android smartphones. (Theoretically, it could work on any USB device that its firmware can be reprogrammed).