Researchers demonstrate hacking Linux PC via infected USB sticks

At the Black Hat hacker conference, German researchers demonstrated how they can take over Linux PCs in addition to Windows computers by manipulating the firmware of USB sticks. On Linux, sudo rights are required, something the researchers obtain through the screensaver.

The researchers recently announced that they can manipulate the firmware of a certain brand of USB controllers. This “BadUSB” hack allows an infected USB stick to infect other USB devices connected to the same computer by impersonating a USB keyboard.

That trick works not only on Windows PCs, but also on computers with Linux, claim the researchers, including the well-known German ‘mobile phone hacker’ Karsten Nohl. The malware gains sudo rights by calling the screensaver to the front and intercepting the password the user types via a password stealer. With those sudo rights, the USB devices can infect other USB devices.

The researchers say that computers should whitelist USB devices to limit the effects of BadUSB and that virus scanners should also scan firmware of USB devices for infections. A definitive solution is to disable hardware firmware updates, although that method would also have the disadvantage that bugs cannot be patched.

Nohl previously managed to crack the software on SIM cards remotely, after which messages could be intercepted and telephone conversations could be tapped. Nohl also hacked the public transport chip card and the encryption used to secure mobile phone conversations.