Researcher Details USB-Based Attack That Circumvents All Known Protective Security Measures
Security research Karsten Nohl of Berlin's SR Labs has revealed a flaw in USB devices that potentially allows hackers to evade all known security measures used by a computer. In a report by
Wired, Nohl says his BadUSB exploit is "almost like a magic trick" because "you cannot tell where the virus came from."
The exploit takes advantage of a flaw that allows a hacker to tamper with the firmware that controls the functions of USB devices such as mice, thumb drives and keyboards.
Because BadUSB resides not in the flash memory storage of USB devices, but in the firmware that controls their basic functions, the attack code can remain hidden long after the contents of the device’s memory would appear to the average user to be deleted. And the two researchers say there’s no easy fix: The kind of compromise they’re demonstrating is nearly impossible to counter without banning the sharing of USB devices or filling your port with superglue.
“These problems can’t be patched,” says Nohl, who will join Lell in presenting the research at the Black Hat security conference in Las Vegas. “We’re exploiting the very way that USB is designed.”
Nohl, along with fellow SR Labs researcher Jakob Lell, will present additional details on this attack during a presentation at the annual Black Hat hacking conference, which will be held next week in Las Vegas. The title of
his presentation is "Bad USB - On Accessories that Turn Evil."
Recent Mac and iOS Blog Stories •
Vox Music Player Updated With SoundCloud Integration, New Organizational Features •
Apple Launches New EFI Update 2.9.1 For 2011 MacBook Air to Solve Installation Problems •
NomadPlus Transforms an Apple Charger Into a Portable Battery •
Apple Reminding Shoppers of Upcoming 'Sales Tax Holiday' Discounts •
OWC Shares Mid-2014 Retina MacBook Pro Unboxing, SSD Tests •
Instagram's Snapchat Competitor 'Bolt' Soft Launches in Three Countries •
'Signal' for iOS Lets Users Make Encrypted Voice Calls for Free •
Kindle for iOS Updated With Syncing and Navigation Improvements<img width='1' height='1' src='
http://rss.feedsportal.com/c/35070/f/648327/s/3d0e36db/sc/28/mf.gif' border='0'/><br clear='all'/>
<a href="
http://da.feedsportal.com/r/204366080147/u/49/f/648327/c/35070/s/3d0e36db/sc/28/rc/1/rc.htm" rel="nofollow"><img src="
http://da.feedsportal.com/r/204366080147/u/49/f/648327/c/35070/s/3d0e36db/sc/28/rc/1/rc.img" border="0"/>[/url]
<a href="
http://da.feedsportal.com/r/204366080147/u/49/f/648327/c/35070/s/3d0e36db/sc/28/rc/2/rc.htm" rel="nofollow"><img src="
http://da.feedsportal.com/r/204366080147/u/49/f/648327/c/35070/s/3d0e36db/sc/28/rc/2/rc.img" border="0"/>[/url]
<a href="
http://da.feedsportal.com/r/204366080147/u/49/f/648327/c/35070/s/3d0e36db/sc/28/rc/3/rc.htm" rel="nofollow"><img src="
http://da.feedsportal.com/r/204366080147/u/49/f/648327/c/35070/s/3d0e36db/sc/28/rc/3/rc.img" border="0"/>[/url]
<img src="[url]http://da.feedsportal.com/r/204366080147/u/49/f/648327/c/35070/s/3d0e36db/sc/28/a2.img" border="0"/>[/url]<img width="1" height="1" src="
http://pi.feedsportal.com/r/204366080147/u/49/f/648327/c/35070/s/3d0e36db/sc/28/a2t.img" border="0"/><div class="feedflare">
<img src="[url]http://feeds.feedburner.com/~ff/MacRumors-Front?d=yIl2AUoC8zA" border="0"></img>[/url]
<img src="[url]http://feeds.feedburner.com/~ff/MacRumors-Front?d=6W8y8wAjSf4" border="0"></img>[/url]
<img src="[url]http://feeds.feedburner.com/~ff/MacRumors-Front?d=qj6IDK7rITs" border="0"></img>[/url]
</div><img src="
http://feeds.feedburner.com/~r/MacRumors-Front/~4/Oo6V-CmBQhc" height="1" width="1"/>
Source:
Researcher Details USB-Based Attack That Circumvents All Known Protective Security Measures
