What can a bad USB do?

What can a bad USB do?

BadUSB is an attack that exploits an inherent vulnerability in USB firmware. Such an attack reprograms a USB device, causing it to act as a human interface device; once re-engineered, the USB device is used to discreetly execute commands or run malicious programs on the victim’s computer.

What is malicious USB devices?

Malicious code — In the most basic of USB drop attacks, the user clicks on one of the files on the drive. HID (Human Interface Device) spoofing — In a more sophisticated attack, the device looks like a USB stick but in fact will trick the computer into thinking a keyboard is attached.

Can USB transmit virus?

An infected computer can spread a virus to a clean USB thumb drive that is inserted. That USB drive will then be spreading the virus onto other computers if the operating system on those machines has an AutoRun-type feature enabled.

Is there an exploit for a USB keyboard?

Now, white-hat hackers have devised a feat even more seminal—an exploit that transforms keyboards, Web cams, and other types of USB-connected devices into highly programmable attack platforms that can’t be detected by today’s defenses. Dubbed BadUSB, the hack reprograms embedded firmware to give USB devices new, covert capabilities.

What’s the name of the bad USB hack?

This hack, dubbed BadUSB, involves reprogramming the firmware of USB devices to perform a number of alarming attacks. In one such attack, Nohl and Lell plugged a USB device, which had been reprogrammed to change itself from a mass storage device to an HID keyboard, into a windows machine.

What makes a USB so dangerous to a network?

The remainder of this post will show how a USB can become deadly to even the most secure networks by using highly publicized and easily obtainable exploits like Rubber Ducky and BadUSB. One of the things that makes USB so dangerous is the universality of the device.

What can you do with a BadUSB exploit?

The things that can be done using the exploit seem to be endless. An example: a USB device could emulate a USB-connected keyboard and automatically send over all sorts of keystrokes that, when combined, could lead to various issues – installing malware, wiping key files off a drive, copying files over to the USB device, etc.