If you think that malware can only comes from web , email attachment as well as Corrupted files than you are wrong.! Because of that Now USB is also a malicious weapon to spread malware.
USB has come up as a major threat to a number of users who use USB drives , including USB sticks and keyboards, Mouse etc. Security researchers have released a bunch of hacking tools that can be used to convert USB drive into silent malware installer.
This Vulnerability is known as ' BadUSB' . Developers have also released code on Open Source Code Hosting site GitHUB.
You Can Find It Here.
The code released by Adam Caudill and Brandon Wilson has capability to spread itself by hiding in the firmware meant to control the ways in which USB devices connect to computers. The hack utilizes the security flaw in the USB that allows an attacker to insert malicious code into their firmware.Critical vulnerability is now available online for hackers, cyber criminals and everybody to use so as to infect as many computers as they want.
In simple words , This is not virus, this is classics "back door" in firmware usb devices, which can enable "firmware update / overwrite local controller software". This is a lot of years known method, nothing new. This is hardware producent fault. btw. almost each electronic device has own firmware, which can be upgraded if this producent enables.
What you can do with this Code?
- Access thumb drives
- Internet Traffic Can Redirect by using this
- Create Back Door in Firmware of USB
- Put Keylogger to Victim Machine
- Inject any malicious files or Code into any Machine by just connecting USB
- The device can also spoof a network card and change the computer’s DNS setting to redirect traffic.
But you don't worry because this vulnerability is only shown in USB manufacturer Phison electronics. A Phison USB stick can infect any type of computer, but it isn’t clear if its able to infect any other USB device that is plugged into them.
0 comments:
Post a Comment