oss-sec mailing list archives
Re: BadUSB discussion
From: John Haxby <john.haxby () oracle com>
Date: Fri, 08 Aug 2014 13:36:36 +0100
On 08/08/14 12:20, Dan Carpenter wrote:
The attack looks like someone who says, "Can you copy some files from my USB flash drive which?" (not knowing it is infected) and then there is a popup, "This newly inserted USB device is trying to type commands, is that ok? y/N?".
That's all very well, but:
One of the attacks involves a USB stick that acts as three separate devices -- two thumb drives and a keyboard. When the device is first plugged into a computer and is detected by the OS, it acts as a regular storage device. However, when the computer is restarted and the device detects that it's talking to the BIOS, it switches on the hidden storage device and also emulates the keyboard, Nohl said. Acting as a keyboard, the device sends the necessary button presses to bring up the boot menu and boots a minimal Linux system from the hidden thumb drive. The Linux system then infects the bootloader of the computer's hard disk drive, essentially acting like a boot virus, he said.
From http://www.infoworld.com/d/security/most-usb-thumb-drives-can-be-reprogrammed-infect-computers-247489 via http://catless.ncl.ac.uk/Risks/28.14.html#subj6.1 (which seems to be down at the moment). The vulnerabilities aren't restricted to thumb drives. If there's room for a 1-wire chip in an Apple Lightning connector (http://www.chipworks.com/en/technical-competitive-analysis/resources/blog/inside-the-apple-lightning-cable/) then there's room for a lot more in the USB connector. Borrowing a cable to charge your mobile phone could become a risky business. jch
Current thread:
- Re: BadUSB discussion, (continued)
- Re: BadUSB discussion (GalaxyMaster) (Aug 08)
- Re: BadUSB discussion Yves-Alexis Perez (Aug 08)
- Re: BadUSB discussion Yves-Alexis Perez (Aug 08)
- Re: BadUSB discussion Greg KH (Aug 08)
- Re: BadUSB discussion Yves-Alexis Perez (Aug 08)
- Re: BadUSB discussion Greg KH (Aug 08)
- Re: BadUSB discussion Yves-Alexis Perez (Aug 09)
- Re: BadUSB discussion Vincent Lefevre (Aug 14)
- Re: BadUSB discussion gremlin (Aug 08)
- Re: BadUSB discussion gremlin (Aug 08)
- Re: BadUSB discussion Rich Felker (Aug 08)
- Re: BadUSB discussion Willy Tarreau (Aug 09)
- Re: BadUSB discussion Yves-Alexis Perez (Aug 09)
- Re: BadUSB discussion Greg KH (Aug 08)
- Re: BadUSB discussion gremlin (Aug 08)
- Re: BadUSB discussion Greg KH (Aug 08)
- Re: BadUSB discussion gremlin (Aug 08)
- Re: BadUSB discussion (GalaxyMaster) (Aug 08)