According to a new report from Berlin cyber-security researchers, USB devices may be secretly infecting computers.
At the annual Black Hat hackers' conference in Las Vegas, SRLabs researchers Karsten Nohl and Jakob Lell revealed just how dangerous USB devices can be. While it is known that autoplay malware can be installed onto USB devices to infect PCs, this is not the only way they can be weaponized. In a demonstration, the duo showed off a technique for modifying a USB device's controller chip to "spoof various other device types in order to take control of a computer, exfiltrate data, or spy on the user."
In the demonstration, Lell plugged a USB drive into a Windows computer, where it initially appeared as a drive. Just after this, it redefined itself as a USB keyboard and issued a command to download a remote access Trojan.
"Most (if not all) USB devices have a controller chip," said Nohl. "You never interact with the chip, nor does the OS see it. But this controller is what 'talks USB.'" This chip is what identifies the device type to the computer, and it can repeat this process at any time. A webcam, for instance, has one driver for video and another for its microphone.
"Let's discuss for a moment the trust we place in USB. It's popular because it's easy to use. Exchanging files via USB is better than using unencrypted email or cloud storage. USB has conquered the world. We know how to virus-scan a USB drive. We trust a USB keyboard even more. This research breaks down that trust," explained Nohl. "It's not just the situation where somebody gives you a USB. Just attaching the device to your computer could infect it."
The researchers suggest that USB users remain cautious until the flaw is resolved. The USB Working Party refused to comment on the seriousness of the flaw.
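The behaviour shown in the demonstration, a device that first enumerates as a drive and then comes back on the same port as a keyboard, is something a host can watch for. The following is an added example, not code from SRLabs or from the original article; the `Enumeration` record, the port names and the 60-second window are assumptions, and the sample events are constructed.

```python
from dataclasses import dataclass

# USB interface class codes defined by the USB specification.
CLASS_HID = 0x03
CLASS_MASS_STORAGE = 0x08
HID_PROTOCOL_KEYBOARD = 0x01   # bInterfaceProtocol value for a keyboard
MSC_PROTOCOL_BULK_ONLY = 0x50  # bInterfaceProtocol of a typical flash drive

@dataclass(frozen=True)
class Enumeration:
    """One enumeration of a device on a physical port (hypothetical record)."""
    time: float        # seconds since monitoring started
    port: str          # physical port path, e.g. "1-2"
    interfaces: tuple  # (bInterfaceClass, bInterfaceProtocol) pairs

def is_storage(e):
    return any(c == CLASS_MASS_STORAGE for c, _ in e.interfaces)

def is_keyboard(e):
    return any(c == CLASS_HID and p == HID_PROTOCOL_KEYBOARD for c, p in e.interfaces)

def find_identity_switches(events, window=60.0):
    """Return (port, storage_time, keyboard_time) for every port where a device
    seen as storage-only re-enumerates with a keyboard interface within `window` s."""
    alerts = []
    last_storage = {}  # port -> time of the most recent storage-only enumeration
    for e in sorted(events, key=lambda ev: ev.time):
        if is_keyboard(e):
            seen = last_storage.pop(e.port, None)
            if seen is not None and e.time - seen <= window:
                alerts.append((e.port, seen, e.time))
        elif is_storage(e):
            last_storage[e.port] = e.time
        else:
            last_storage.pop(e.port, None)  # unrelated device took over the port
    return alerts

# Constructed sample events, not captured from a real host.
KBD = ((CLASS_HID, HID_PROTOCOL_KEYBOARD),)
DRIVE = ((CLASS_MASS_STORAGE, MSC_PROTOCOL_BULK_ONLY),)
SAMPLE_EVENTS = [
    Enumeration(0.0, "1-1", KBD),     # ordinary keyboard, never a drive
    Enumeration(5.0, "1-2", DRIVE),   # appears as a drive ...
    Enumeration(7.5, "1-2", KBD),     # ... then returns as a keyboard
    Enumeration(20.0, "1-3", DRIVE),  # drive that stays a drive
    Enumeration(500.0, "1-3", KBD),   # different device plugged in much later
]

if __name__ == "__main__":
    for port, t_drive, t_kbd in find_identity_switches(SAMPLE_EVENTS):
        print(f"port {port}: drive at {t_drive}s became keyboard at {t_kbd}s")
```

A heuristic like this only catches the drive-to-keyboard sequence; a device that presents a keyboard interface from the first enumeration needs a separate policy, such as requiring approval for any new keyboard.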