The case dates this summer. During the famous Black Hat conference, two German researchers Karsten Nohl safe and Jakob Lell revealed to the public a highly critical vulnerability by the name of BadUSB. The latter allows, with an effective reprogramming of installing cookies and even take control of a machine without being detected by any antivirus or known device. In addition the fault is not easily correctable. Should we expect the Apocalypse?
Basically, we must tackle the USB device firmware. After reprogrammed according to the method discovered by the researchers, it is possible to emulate the famous USB key in another component, eg, a keyboard, a network card. If the USB stick poses as a keyboard, then it becomes possible to type a predefined script. In the case of a network card, it is conceivable to swing the online traffic to a third computer. The latest alarming possibility is the installation of a virus directly boot a machine.
And the alarm is sounded, it is that such a device does not currently have against sizes available. Put simply, it is not possible to prevent it this time. No antivirus or other human operation can detect malicious code and created on such a USB key. Outwardly, nothing distinguishes a healthy pockmarked key.
During the Black Hat, the two researchers had not made public their work. But two other security experts, Adam Caudill and Brandon Wilson managed to exploit a flaw like they put on GitHub so, according to them, to push manufacturers to take action faster! According to them,organizations like the NSA already exploit all the benefits enabled by such a vulnerability in espionage operations.
It is therefore urgent. According to themotorcyclers, writing a new USB firmware to provide extra security could take up to 10 years from its creation to its implementation in the relevant equipment. Better to be wary of USB devices around you, you can never be too careful!