Latest in Badusb

Image credit:

Security researchers detail 'unpatchable' USB hack

Share
Tweet
Share
Save

Sponsored Links

Remember Karsten Nohl? The security researcher who discovered how to infect just about any USB device with scarily savvy malware and delivered a lengthy talk about it at this year's Black Hat conference? At the time he didn't want to share the code for his exploit, but fellow researchers Adam Caudill and Brandon Wilson figured out how to pull off some of the same tricks and they've published their findings on GitHub. Why? To try and force device manufacturers to get their security acts together.

Nohl's reason for withholding his code the first time around was because he thought it was "unpatchable" -- that is, there wouldn't be an easy firmware fix for this potentially huge problem. We do mean huge, too: the so-called BadUSB proof-of-concept allowed Nohl (along with Caudill and Wilson after the fact) to manipulate files installed from an infected USB device, make an infected gadget act as a faux-keyboard that attackers could control, and in some cases relay personal information to a remote server. Some might argue that releasing this sort of information into the wild is irresponsible and dangerous, but Caudill and Wilson hope to get USB vendors thinking seriously about this potential threat by proving that there's nothing potential about it.

Via: Wired
Source: GitHub
In this article: badusb, exploir, firmware, hack, security, usb
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share
Save

Popular on Engadget

Motorola is making Android TVs too

Motorola is making Android TVs too

View
Google may soon let you search with a screenshot

Google may soon let you search with a screenshot

View
US investigates escort and massage sites over human trafficking

US investigates escort and massage sites over human trafficking

View
Nissan envisions car-themed esports gaming chairs

Nissan envisions car-themed esports gaming chairs

View
AI can gauge the risk of dying from heart conditions

AI can gauge the risk of dying from heart conditions

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr