SR Labs Reveals Serious Security Flaw For USB Functions
Image courtesy of Victor Habbick / FreeDigitalPhotos.net
Security Research Labs security experts have determined hackers have yet another way to take control over computers – the firmware controlling USB functions lacks real security. And, this discovery means a new wave of attacks that currently has no defense.
Security Research Labs Chief Scientist Karsten Nohl, along with security researcher Jakob Lell, found the susceptibility while reverse-engineering the firmware. Both researchers named the serious flaw “BadUSB”. The researchers say the widely used USB controller chips can be reprogrammed because there is no protection.
The flaw isn’t just applied to external hard drives or USB thumb drives; it applies to all devices that are connected to a PC through a USB port – mice, keyboards and mobile device chargers.
The researchers said the same connectors can have various devices plugged into them. Therefore, one kind of device can become more malicious than another without users ever realizing it.
Hackers can exploit the security flaw by reprogramming the USB device’s firmware using a malicious code. This code could gain them access to the PC’s infected device and create their own commands – installing malware, issuing commands and accessing files. The modified thumb drive can mimic the network card and change the DNS setting of the computer to reroute traffic and install a virus to infect the operating system before booting.
This infected peripheral could infect other PC-connected USB devices. Nohl said SR Labs has successfully carried out these attacks for themselves. Global intelligence agenices may be launching attacks using the security susceptibility.
Both Lell and Nohl said there is no effective defense from these kinds of attacks. Since malware scanners are unable to access the firmware that runs of USB devices, there are no firewalls that can block certain device classes. The researchers said BadUSB device’s behavior is hard to detect since it changes when a user plugs in a new device.
Both researchers said getting over an attack is tricky since just reinstalling the operating system won’t address the root of the problem of the BadUSB infections. They said the USB thumb drive, which is how the operating system may be reinstalled, could be infected as well as other USB components of the computer. In fact, the BadUSB device could have replaced a computer’s BIOS, imitating the keyboard and unlocking the hidden file for the USB thumb drive.
They said once the computer or USB devices are infected, they should never be trusted again.
Online News Heard Now
Short URL: http://www.onlinenewsheardnow.com/?p=3456
Posted by