Skip to main content
  1. Home
  2. Computing
  3. News

With BadUSB, hackers can make your USB devices turn against you

By

badusb hackers can make usb devices turn srlabs blackhat 2014
Image used with permission by copyright holder
Imagine malware that can take control of your keyboard, mouse, and webcam. Sounds scary, doesn’t it? Now, picture your PC coming across this malware which, oh by the way, is virtually undetectable. Hugging yourself in the corner and crying yet? This isn’t a hypothetical scenario either.

It’s real, and it’s called BadUSB.

Recommended Videos

According to SRLabs, a security research firm based in Germany, BadUSB can be loaded on any USB flash drive, and because it runs on a flash drive that’s connected to a target computer as opposed to the computer itself, it’s virtually undetectable to anti-malware programs installed on that machine.

Related

MORE: Meet Bleep, BitTorrent’s anti-NSA chat and messaging app

SRLabs says that a flash drive with BadUSB, when inserted into a computer, can act has a virtual keyboard, permitting a hacker to run malicious commands. It can also infect the controller chips inside other USB devices that are connected to the same computer. The stick with BadUSB on it can also behave like a network card and redirect a target’s traffic to malicious websites. On top of that, during bootup, a BadUSB-loaded flash or external hard drive can infect a computer’s operating system with a virus before it even completes the process of booting up. These are just some of the ways that BadUSB can ruin your life.

MORE: Best free firewalls for Windows and Mac

Treating such an infection is also not a simple matter of unplugging the USB devices from your system and/or reformatting your hard drive either, unfortunately.

“Cleanup after an incident is hard: Simply reinstalling the operating system – the standard response to otherwise ineradicable malware – does not address BadUSB infections at their root,” SRLabs says. “The USB thumb drive, from which the operating system is reinstalled, may already be infected, as may the hardwired webcam or other USB components inside the computer.” SRLabs also notes that a BadUSB device could even replace your computer’s BIOS. Yikes.

Your best defense against such an attack would be to never accept or plug in a USB flash drive that you got from someone you don’t trust. Also, as ExtremeTech (somewhat humorously, we assume) notes, when it comes to mice and keyboards, there’s always the possibility of going back to PS/2 devices, assuming your PC’s motherboard has those ports. Strangely enough, we’ve seen high-end gaming PCs ship with PS/2 ports in them even today, like the Maingear Vybe Z97, which we reviewed recently.

SRLabs will be releasing proof-of-concept tools on August 7, which will be demoed at the BlackHat 2014 conference next week.

Editors' Recommendations

Konrad Krawczyk
Konrad Krawczyk
Former Digital Trends Contributor
Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…
You’ll never guess what hackers are using Microsoft Calculator for
A depiction of a hacker breaking into a system via the use of code.

Hackers have found an unusual and unconventional method to infect PCs with malware: distributing dangerous code with Windows Calculator.

The individuals behind the well-known QBot malware have managed to find a way to use the program to side-load malicious code on infected systems.

Read more
Hackers can easily watch your every move, control PCs with free NanoCore Trojan
ransomware

If your laptop or desktop is running Windows, you might want to make sure you're up and running with the latest version of the operating system and your antivirus software. Researchers have discovered a new strain of the "NanoCore" remote access trojan (RAT), which could leave the most amateur hackers in complete control of your PC.

While RAT trojans have been around for some time, the latest trojan, known as NanoCore v1.2.2, is particularly dangerous. It is freely available for hackers to download on the dark web and can also easily be deployed to PCs. The most common method for deployment is via bogus "Urgent" phishing emails that typically contain fake order invoice documents with hidden malicious macro scripts. It is well known to security researchers but also can reach deep into the Windows registry and, even the network.

Read more
Best Lenovo laptop deals: Save on Yoga and ThinkPad laptops
Lenovo Yoga 9i Gen 8 front angled view showing display and keyboard deck.

Lenovo often has some of the best laptop deals to shop, and if you’re in the market for one of the best laptops or something more entry-level, there are a lot of Lenovo laptop deals going on right now. With Lenovo regularly turning up among the best laptop brands, its ThinkPad and IdeaPad lineups offer a lot of value when a deal is taking place. You’ll find several Lenovo models discounted right now and they range from entry level price points to more capable machines. We’ve rounded up all of the best Lenovo deals below. You can read onward for those details, or if Lenovo isn’t your brand you can also check out the current Dell laptop deals, HP laptop deals, and MacBook deals.
Lenovo 500w Gen 3 — $279, was $399

The Lenovo 500w Gen 3 is comes in with entry-level specs, but it’s the kind of laptop that can get you through an entire day of work or play. It has an 11.6-inch touchscreen that’s good for taking notes, and it even works with standard No. 2 pencils, eliminating the need for an expensive stylus. It has the latest connectivity options so you’re getting fast WiFi, and well as built-in security options and a high definition webcam.

Read more