USB (Universal Serial Bus) has changed the way devices connect. USB connection is worldwide used method to connect peripherals. The ease of connection is the reason of its success. In the era of serial ports, ps/2, LPT and many such specific ports device it was always difficult to configure devices.
Security researcher Jakob Lell from SRLabs, Berlin and an independent security researcher Karsten Nohl together have brought into light an exploit that makes way for an hacker by taken control of your devices through USB peripherals.
They have recently given a presentation on BadUSB at the Black Hat USA 2014 conference in Las Vegas. USB devices can throw your system open to hackers for easy access.
Boon turned Curse :
USB devices are known for their versatility. The same USB port can be used to connect a storage device, a input device or even an audio/video device. Thus the port does not determine the device but the device tells the port its type.
Since the USB controller chips can be reprogrammed, it becomes easy to exploit it. A storage device for example can be easily programmed into a keyboard that can control the system remotely.
Why BadUSB exploit can be dangerous :
If you were thinking only a pen drive or a portable hard disk could be affected by BadUSB you were wrong.
All USB devices come with a controller chip so you can understand the danger. Your every USB device can be affected by BadUSB. It can be your webcam, pocket routers, data cards, phones and many more.
The worst part is if you connect an infected device to your system, your system could affect all other usb devices connected to the system thus multiplying the infection. An infected system could be further bombarded by giving Malware download instructions through the BadUSB device’s. The Malware could then intensify the attack along with the stationed BadUSB.
BadUSB exploit Solution :
Once affected formatting your hard drives alone could not help you get rid of the situation. Since you could have already have the BadUSB exploit taken all of your usb devices.
Once infected by the BadUSB exploit, computers and the USB peripherals that came in contact with the it can never be trusted again.