Security researchers publish code that can be used to exploit BadUSB flaw

security firm releases proof concept code badusb malware public
Adam Caudill and Brandon Wilson, a pair of security researchers, published code that could be used to exploit a security flaw dubbed BadUSB.

BadUSB, which was detailed earlier this year by researchers from German firm SR Labs, could be exploited to infect a computer with malicious code and software. However, SR Labs stopped short of releasing code to the public as Caudill and Wilson did. SR Labs opted not to release code in order to give companies that make firmware which controls USB devices time to figure out how to combat the threat posed by BadUSB.

Caudill and Wilson believe that by releasing the code to the public, it could force tech firms to scramble and tighten security on USB devices at a faster rate.

While speaking with the BBC, Karsten Nohl of SR Labs said that this move could have the desired effect, but also warned that addressing such a problem is a bit more complex than one might think.

“In the case of BadUSB, however, the problem is structural,” he said. “The standard itself is what enables the attack and no single vendor is in a position to change that.”

What can a hacker do with BadUSB?

A flash drive with BadUSB loaded onto it, when inserted into a computer, can act has a virtual keyboard. This then permits a hacker to execute malicious commands. BadUSB can also infect controller chips in USB devices which are hooked up to that system.

A USB stick with BadUSB on it can also behave like a network card, and redirect a target’s traffic to malicious websites. Plus, during bootup, a BadUSB-loaded flash or external hard drive can infect a computer’s operating system with a virus before it finishes booting up. These are just a handful of ways that BadUSB can make things miserably for you and your computer.

BadUSB isn’t easily uprooted either, unfortunately.

“Cleanup after an incident is hard: Simply reinstalling the operating system – the standard response to otherwise ineradicable malware – does not address BadUSB infections at their root,” SRLabs says. “The USB thumb drive, from which the operating system is reinstalled, may already be infected, as may the hardwired webcam or other USB components inside the computer.”

Right now, your best defense against BadUSB is to be completely sure that any USB device you plug into your computer comes from a trusted source.

It will be interesting to see what happens now that the code is out there for anyone to download.

Gaming

Google’s Stadia is the future of gaming, and that’s bad news for our planet

Google’s upcoming Stadia cloud gaming service, and its competitors, are ready to change the way gamers play, but in doing so they may kick off a new wave of data center growth – with unfortunate consequences for the environment.
Computing

USB drive issue blocks some PCs from receiving Windows 10 May 2019 update

A USB drive error resulted in some PCs being blocked from receiving the Windows 10 May 2019 update. Microsoft decided to block eligible PCs with USB drives or SD cards attached from getting the update until the error is fixed.
Emerging Tech

Burgers are just the beginning: Embracing the future of lab-grown everything

You’ve almost certainly heard of the 'farm to fork' movement, but what about 'lab to table'? Welcome to the fast-evolving world of lab-grown meat. Is this the future of food as we know it?
Computing

Former student uses USB Killer device to fry $58,000 worth of college’s PCs

A former student used a USB Killer device to short circuit more than $58,000 of computers at a private New York college earlier this year. The student pled guilty to the charges and sentencing is scheduled to begin in August.
Apple

Leaked memo: If your MacBook keyboard dies, Apple will fix or replace in one day

If your Apple MacBook keyboard is problematic, getting it fixed at a Genius Bar just got a lot easier. Apple has now mandated that its Geniuses repair or replace MacBook keyboards by the next working day.
Computing

In 2019, laptops are better than ever. Here are the best of the best

The best laptop should be one that checks all the boxes: Great battery life, beautiful design, and top-notch performance. Our picks for the best laptops you can buy do all that — and throw in some extra features while they're at it.
Product Review

Still waiting for a new Mac Pro? Corsair’s mini PC has all the power you'll need

With a modern 12-core Intel Core i9-9920X processor, Nvidia’s RTX 2080 Ti graphics, and 32GB of RAM, the Corsair One Pro is designed to woo creatives who demand more power from Apple’s Mac Pro. Like the Mac Pro, the best part of this PC…
Photography

Free your digital memories, and frame them, with the best photo printers

Printed photos are experiencing a revival at the moment, but you don’t need to go to a special lab. Here’s our favorite options for making quality prints, from pocket-sized printers to wide-format photo printers capable of spitting out…
Cars

Nvidia agrees with Tesla’s take on self-driving cars, but corrects specifics

Nvidia vice president Rob Csongor agreed with broad statements by Elon Musk at Tesla's April 22 Autonomy Investor Day. Csongor then took exception to what he termed were inaccuracies about Nvidia's self-driving car chip.
Computing

Tablet or notebook? Our favorite 2-in-1 PCs give you the best of both worlds

If you can’t decide if you need a tablet or a notebook, then don’t bother. The best 2-in-1 laptops are both, and they can provide all the power you need. Check out our list for the best 2-in-1s for any user.
Computing

Amal and George Clooney want to change the world. Can Microsoft help?

Microsoft and The Clooney Foundation for Justice (CFJ) unveiled the TrialWatch app Thursday morning, a new tool in CFJ’s ongoing TrialWatch effort to shine a light on injustice in courts around the globe – which too often are simply…
Computing

These are the best 13-inch laptops you can buy right now

With so much choice out there, how do you know which are the best 13-inch laptops? They should have beautiful screens, long battery life, and remain light and portable. This is a list of our favorites.
Computing

These gaming monitors will transport you to another dimension

What are the best gaming monitors you can buy right now? We select five that are all priced under $900 packing premium technologies like G-SYNC and FreeSync, high resolutions, and fast refresh rates.
Photography

Luminar Accent A.I. can now recognize faces for more natural instant edits

Want to edit faster? Skylum Luminar's latest update enhances the Accent A.I. to use machine learning for instant enhancements. The tool now recognizes faces for more natural skin tones along with other enhancements.