Skip to main content
  1. Home
  2. Computing
  3. News

With BadUSB, hackers can make your USB devices turn against you

By

badusb hackers can make usb devices turn srlabs blackhat 2014
Image used with permission by copyright holder
Imagine malware that can take control of your keyboard, mouse, and webcam. Sounds scary, doesn’t it? Now, picture your PC coming across this malware which, oh by the way, is virtually undetectable. Hugging yourself in the corner and crying yet? This isn’t a hypothetical scenario either.

It’s real, and it’s called BadUSB.

Recommended Videos

According to SRLabs, a security research firm based in Germany, BadUSB can be loaded on any USB flash drive, and because it runs on a flash drive that’s connected to a target computer as opposed to the computer itself, it’s virtually undetectable to anti-malware programs installed on that machine.

Related

MORE: Meet Bleep, BitTorrent’s anti-NSA chat and messaging app

SRLabs says that a flash drive with BadUSB, when inserted into a computer, can act has a virtual keyboard, permitting a hacker to run malicious commands. It can also infect the controller chips inside other USB devices that are connected to the same computer. The stick with BadUSB on it can also behave like a network card and redirect a target’s traffic to malicious websites. On top of that, during bootup, a BadUSB-loaded flash or external hard drive can infect a computer’s operating system with a virus before it even completes the process of booting up. These are just some of the ways that BadUSB can ruin your life.

MORE: Best free firewalls for Windows and Mac

Treating such an infection is also not a simple matter of unplugging the USB devices from your system and/or reformatting your hard drive either, unfortunately.

“Cleanup after an incident is hard: Simply reinstalling the operating system – the standard response to otherwise ineradicable malware – does not address BadUSB infections at their root,” SRLabs says. “The USB thumb drive, from which the operating system is reinstalled, may already be infected, as may the hardwired webcam or other USB components inside the computer.” SRLabs also notes that a BadUSB device could even replace your computer’s BIOS. Yikes.

Your best defense against such an attack would be to never accept or plug in a USB flash drive that you got from someone you don’t trust. Also, as ExtremeTech (somewhat humorously, we assume) notes, when it comes to mice and keyboards, there’s always the possibility of going back to PS/2 devices, assuming your PC’s motherboard has those ports. Strangely enough, we’ve seen high-end gaming PCs ship with PS/2 ports in them even today, like the Maingear Vybe Z97, which we reviewed recently.

SRLabs will be releasing proof-of-concept tools on August 7, which will be demoed at the BlackHat 2014 conference next week.

Editors' Recommendations

Konrad Krawczyk
Konrad Krawczyk
Former Digital Trends Contributor
Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…
You’ll never guess what hackers are using Microsoft Calculator for
A depiction of a hacker breaking into a system via the use of code.

Hackers have found an unusual and unconventional method to infect PCs with malware: distributing dangerous code with Windows Calculator.

The individuals behind the well-known QBot malware have managed to find a way to use the program to side-load malicious code on infected systems.

Read more
Hackers can easily watch your every move, control PCs with free NanoCore Trojan
ransomware

If your laptop or desktop is running Windows, you might want to make sure you're up and running with the latest version of the operating system and your antivirus software. Researchers have discovered a new strain of the "NanoCore" remote access trojan (RAT), which could leave the most amateur hackers in complete control of your PC.

While RAT trojans have been around for some time, the latest trojan, known as NanoCore v1.2.2, is particularly dangerous. It is freely available for hackers to download on the dark web and can also easily be deployed to PCs. The most common method for deployment is via bogus "Urgent" phishing emails that typically contain fake order invoice documents with hidden malicious macro scripts. It is well known to security researchers but also can reach deep into the Windows registry and, even the network.

Read more
Best SSD deals: Samsung 990 Pro discounts
Samsung 990 PRO SSD over a dark background.

As recently as a decade ago, you would most likely be using HDDs for storage, which tend to be quite slow and take up an absolute tone of space, even the smaller form factor ones made for laptops. If you wanted something a bit more fancy, like a modern M.2 SSD, you'd be paying a huge premium even for smaller sizes like 256GB and 512GB. Luckily there have been huge leaps in technology and manufacturing, and these days you can get your hands on the best SSDs for a pretty good price. Not only does that mean that you can save space, but you can also load Windows and your applications a lot faster, something we expect to see in the best gaming PCs and gaming laptops. If you need a new SSD to upgrade a gaming rig, check out RAM deals and GPU deals as well. If you need something that can swap between multiple devices, you'll prefer checking out external hard drive deals.
Our favorite SSD deal

If you're looking for something that's top-of-the-line and won't break the bank, then the Samsung 990 PRO is probably the way to go. It has the newer PCIe 4.0 standard, which makes it a great PS5 SSD if you can get it a heatsink, and it has a read speed of 7450 Mbps and a write speed of 6900 Mbps, so it's lightning fast. The 2TB model here has been discounted down to just $190 from the original $250, so you're saving a pretty solid $60 in the process. There is a 1TB version that's cheaper if you don't think you need that much, as well as a 4TB model that's great for those who have a tendency to hoard data.

Read more