Researchers crack firmware USB controllers

By admin On Jul 31, 2014

Spread the love

Two security researchers, including the well-known ‘SIM card hacker’ Karsten Nohl, have cracked firmware that controls USB controllers. It is in any case about the firmware of one large Taiwanese manufacturer.

The researchers managed to install malware on the USB controllers, they report to Reuters news agency. It concerns USB controllers from the Taiwanese manufacturer Phison; controllers from that company are used in USB sticks, keyboards, mice and Android smartphones, among other things. The malware would be hard to remove.

According to the researchers, USB controllers are not sufficiently protected, although it is not clear whether controllers from other manufacturers are also vulnerable. The researchers will reveal their findings next week at the Black Hat security conference in Las Vegas.

Karsten Nohl and his co-researcher Jakob Lell managed to create malware that also tries to install malware itself as soon as the USB device is connected to a computer. This can be done, for example, by making the computer think that it is receiving instructions from a USB keyboard, even if the device in question is not a USB keyboard.

This could, for example, download malware that spreads itself to all USB devices that are connected to a computer, and which in turn infects computers. Also the dns settings could be changed. According to Nohl, antivirus programs do not detect the malware because they do not scan the firmware of USB chips. There seems to be something wrong with that: antivirus programs can sound the alarm if the chip tries to download malware.

A Phison spokesperson said it would be virtually impossible to rewrite the firmware on its controllers without accessing “confidential information.” The company cannot confirm that the researchers’ claims are correct.

Nohl previously managed to crack the software on SIM cards remotely, after which messages could be intercepted and telephone conversations could be tapped. Nohl also hacked the public transport chip card and the encryption used to secure mobile phone conversations.