Skip to main content
  1. Home
  2. Computing
  3. News

With BadUSB, hackers can make your USB devices turn against you

By

Imagine malware that can take control of your keyboard, mouse, and webcam. Sounds scary, doesn’t it? Now, picture your PC coming across this malware which, oh by the way, is virtually undetectable. Hugging yourself in the corner and crying yet? This isn’t a hypothetical scenario either.

It’s real, and it’s called BadUSB.

Recommended Videos

According to SRLabs, a security research firm based in Germany, BadUSB can be loaded on any USB flash drive, and because it runs on a flash drive that’s connected to a target computer as opposed to the computer itself, it’s virtually undetectable to anti-malware programs installed on that machine.

Related

MORE: Meet Bleep, BitTorrent’s anti-NSA chat and messaging app

SRLabs says that a flash drive with BadUSB, when inserted into a computer, can act has a virtual keyboard, permitting a hacker to run malicious commands. It can also infect the controller chips inside other USB devices that are connected to the same computer. The stick with BadUSB on it can also behave like a network card and redirect a target’s traffic to malicious websites. On top of that, during bootup, a BadUSB-loaded flash or external hard drive can infect a computer’s operating system with a virus before it even completes the process of booting up. These are just some of the ways that BadUSB can ruin your life.

MORE: Best free firewalls for Windows and Mac

Treating such an infection is also not a simple matter of unplugging the USB devices from your system and/or reformatting your hard drive either, unfortunately.

“Cleanup after an incident is hard: Simply reinstalling the operating system – the standard response to otherwise ineradicable malware – does not address BadUSB infections at their root,” SRLabs says. “The USB thumb drive, from which the operating system is reinstalled, may already be infected, as may the hardwired webcam or other USB components inside the computer.” SRLabs also notes that a BadUSB device could even replace your computer’s BIOS. Yikes.

Your best defense against such an attack would be to never accept or plug in a USB flash drive that you got from someone you don’t trust. Also, as ExtremeTech (somewhat humorously, we assume) notes, when it comes to mice and keyboards, there’s always the possibility of going back to PS/2 devices, assuming your PC’s motherboard has those ports. Strangely enough, we’ve seen high-end gaming PCs ship with PS/2 ports in them even today, like the Maingear Vybe Z97, which we reviewed recently.

SRLabs will be releasing proof-of-concept tools on August 7, which will be demoed at the BlackHat 2014 conference next week.

Editors’ Recommendations

Konrad Krawczyk
Konrad Krawczyk
Former Digital Trends Contributor
Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…
If you install one piece of software on your PC, make it this
Brothers bonding looking at phone safely thanks to MTP.

From viruses and ransomware to cyber criminals and online snoops, there are so many online threats today that the internet can seem like a digital minefield. These dangers are only exacerbated when you’ve got multiple users on your network, such as in a family home or professional office, as this creates multiple potential attack vectors for bad actors to exploit. If bolstering your network and internet-connected devices against today's online threats seems too exhausting to even think about (let alone execute) and you’re looking for a comprehensive and affordable all-in-one security solution that makes things easy, then McAfee Total Protection has everything you need. Here’s how it works and what it can do for you.

McAfee is one of those household names that everybody almost instantly recognizes, and it's a name that's long stood at the top of many lists of the best antivirus software (including ours). But let's face it: In this day and age, you have a lot more to worry about than just viruses. The term "computer virus" almost seems like a quaint holdover from the '90s and early aughts, with today's online landscape featuring a myriad of threats like spyware, ransomware, rootkits, adware, malicious trackers, and more permeating the internet. If you don't know what some of these words even mean, then constantly shielding yourself and your family against such threats can feel like pushing a boulder uphill.

Read more
You’ll never guess what hackers are using Microsoft Calculator for
A depiction of a hacker breaking into a system via the use of code.

Hackers have found an unusual and unconventional method to infect PCs with malware: distributing dangerous code with Windows Calculator.

The individuals behind the well-known QBot malware have managed to find a way to use the program to side-load malicious code on infected systems.

Read more
Man who looked himself up on ChatGPT was told he ‘killed his children’
ChatGPT logo on a phone

Imagine putting your name into ChatGPT to see what it knows about you, only for it to confidently -- yet wrongly -- claim that you had been jailed for 21 years for murdering members of your family.

Well, that’s exactly what happened to Norwegian Arve Hjalmar Holmen last year after he looked himself up on ChatGPT, OpenAI’s widely used AI-powered chatbot.

Read more