Researchers publish code for manipulating USB controllers
Two security researchers have posted code on GitHub that can manipulate USB controllers. Computers can often be attacked unnoticed with USB sticks. By publishing the code, the researchers say they want to underline the danger of "BadUSB".
In August, German researchers presented an attack method at Black Hat in which Windows and Linux PCs are taken over after tampering with the firmware used in USB controllers. However, the code for the so-called "BadUSB hack" was not made public because the researchers believed the danger was too great and the problem very difficult to patch.
Independent researchers Adam Caudill and Brandon Wilson disagreed with this reluctance and posted code on GitHub to reprogram commonly used USB microcontrollers from Taiwanese company Phison. With a manipulated USB stick they managed to emulate keystrokes, among other things. The attack code is said to be virtually invisible to security software because it uses hidden partitions and other tricks, and is therefore very difficult to detect.
The two researchers say they deliberately released the code in their so-called Psychson project to accelerate work on possible defenses against BadUSB. An earlier proposal, whitelisting USB devices, would take too long to be effective. According to Wired, however, there is also certain code the two do not want to release, such as a potentially very dangerous attack method in which USB sticks plugged into a PC could also infect each other.