BadUSB: the technology world’s newest incurable, unpredictable plague

Using a USB drive is no longer one of the safest ways to transfer files between computers. Why? Because two researchers (Karsten Nohl and Jakob Lell of SRLabs) have discovered a way to reprogram a USB device’s firmware to attack the computer to which it is attached. As if this weren’t bad enough, the reprogrammed USB device can affect the computer in such a way that any USB device that is plugged into it will be corrupted as well. Think that connecting an anti-virus device will solve the problem? Think again. The infected computer will replicate the malware onto the newly attached device’s controller to make it a BadUSB as well.

Because this new attack isn’t a normal virus, security measures like McAfee or Norton will not stop it. These products scan files and program code to identify malicious behavior and attributes. BadUSB, as its creators have dubbed it, is unique because it runs in the controller of the USB device, not in the memory. Thus, the connected computer will not be able to recognize the malware. The device identifies itself as a USB drive to the computer once connected but is able to redefine itself as another device such as a keyboard. This may not seem useful at first, but once the device is defined as a keyboard, the malware can enter keystrokes that command the computer to do tasks such as download Trojans or log into accounts, giving the USB needed usernames and passwords.
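The storage-then-keyboard behavior described above can be watched for from the host side. The following is an added example, not code from the original article or from SRLabs: it scans USB enumeration records for a device that announces itself as both storage and keyboard, or that reappears on the same port as a keyboard shortly after enumerating as storage. The record layout, the `find_suspects` name, the 60-second window and the sample events are assumptions made for illustration; the class codes are the standard USB ones.

```python
from collections import namedtuple

# Standard USB class codes: 0x08 = mass storage, 0x03 = HID; HID protocol 1 = keyboard.
MASS_STORAGE, HID, KEYBOARD_PROTO = 0x08, 0x03, 0x01

# Hypothetical record, one per enumeration: time in seconds, port path, IDs, and
# the (class, subclass, protocol) triple of every interface the device announced.
Enum = namedtuple("Enum", "time port vid pid interfaces")

def is_storage(ev):
    return any(cls == MASS_STORAGE for cls, _, _ in ev.interfaces)

def is_keyboard(ev):
    return any(cls == HID and proto == KEYBOARD_PROTO for cls, _, proto in ev.interfaces)

def find_suspects(events, window=60):
    """Return (port, reason) pairs for devices that act as storage and keyboard."""
    suspects = []
    last_storage = {}  # port -> time of the most recent storage enumeration
    for ev in sorted(events, key=lambda e: e.time):
        if is_storage(ev) and is_keyboard(ev):
            suspects.append((ev.port, "storage and keyboard in one device"))
        elif is_keyboard(ev):
            seen = last_storage.get(ev.port)
            if seen is not None and ev.time - seen <= window:
                suspects.append((ev.port, "storage re-enumerated as keyboard"))
        if is_storage(ev):
            last_storage[ev.port] = ev.time
    return suspects

# Constructed sample events (not captured from real hardware).
SAMPLE = [
    Enum(0, "1-1", 0x1111, 0x0001, [(0x08, 0x06, 0x50)]),   # plain flash drive
    Enum(5, "1-2", 0x2222, 0x0002, [(0x03, 0x01, 0x01)]),   # ordinary keyboard
    Enum(10, "1-3", 0x3333, 0x0003, [(0x08, 0x06, 0x50)]),  # drive ...
    Enum(25, "1-3", 0x3333, 0x0003, [(0x03, 0x01, 0x01)]),  # ... back as a keyboard
    Enum(40, "1-4", 0x4444, 0x0004, [(0x08, 0x06, 0x50), (0x03, 0x01, 0x01)]),
]

if __name__ == "__main__":
    for port, reason in find_suspects(SAMPLE):
        print(port, reason)
```

Legitimate composite devices exist, so a hit is a prompt for review rather than proof of reprogrammed firmware.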

Unfortunately, once a computer has been infected, there is nothing even the savviest tech can do to remove the malware. Nohl explained that the only valid defense for this breach is for the device creators to “make it so the firmware can’t be reprogrammed.” Even an unopened USB drive fresh from the store can already have been infected at the factory, so planning to replace all old devices with new ones doesn’t ensure security. Until USB controllers are made and programmed differently at production, this new threat is a reality that we should all be on the lookout for.