Skip to main content
  1. Home
  2. Computing
  3. News

Security researchers publish code that can be used to exploit BadUSB flaw

By

security firm releases proof concept code badusb malware public
Image used with permission by copyright holder
Adam Caudill and Brandon Wilson, a pair of security researchers, published code that could be used to exploit a security flaw dubbed BadUSB.

BadUSB, which was detailed earlier this year by researchers from German firm SR Labs, could be exploited to infect a computer with malicious code and software. However, SR Labs stopped short of releasing code to the public as Caudill and Wilson did. SR Labs opted not to release code in order to give companies that make firmware which controls USB devices time to figure out how to combat the threat posed by BadUSB.

Recommended Videos

Caudill and Wilson believe that by releasing the code to the public, it could force tech firms to scramble and tighten security on USB devices at a faster rate.

While speaking with the BBC, Karsten Nohl of SR Labs said that this move could have the desired effect, but also warned that addressing such a problem is a bit more complex than one might think.

“In the case of BadUSB, however, the problem is structural,” he said. “The standard itself is what enables the attack and no single vendor is in a position to change that.”

What can a hacker do with BadUSB?

A flash drive with BadUSB loaded onto it, when inserted into a computer, can act has a virtual keyboard. This then permits a hacker to execute malicious commands. BadUSB can also infect controller chips in USB devices which are hooked up to that system.

A USB stick with BadUSB on it can also behave like a network card, and redirect a target’s traffic to malicious websites. Plus, during bootup, a BadUSB-loaded flash or external hard drive can infect a computer’s operating system with a virus before it finishes booting up. These are just a handful of ways that BadUSB can make things miserably for you and your computer.

BadUSB isn’t easily uprooted either, unfortunately.

“Cleanup after an incident is hard: Simply reinstalling the operating system – the standard response to otherwise ineradicable malware – does not address BadUSB infections at their root,” SRLabs says. “The USB thumb drive, from which the operating system is reinstalled, may already be infected, as may the hardwired webcam or other USB components inside the computer.”

Right now, your best defense against BadUSB is to be completely sure that any USB device you plug into your computer comes from a trusted source.

It will be interesting to see what happens now that the code is out there for anyone to download.

Konrad Krawczyk
Konrad Krawczyk
Former Digital Trends Contributor
Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…
This Lenovo ThinkPad is almost $1,800 off today!
A press photo of the ThinkPad X1 Carbon Gen 11.

One of the best laptops for a busy computer-heavy workplace is the Lenovo ThinkPad. For years, this tried and true laptop and 2-in-1 has delivered a fast and reliable Windows experience to many a 9 to 5 go-getter. Processor speed and power evolve year over year, and new features are added to these laptops all the time. This also means you’ll be able to find discounts on older machines, which is precisely what we came across while scouring through Lenovo ThinkPad deals:

Right now, as part of Lenovo’s doorbuster sale, you’ll save $1,800 on the purchase of a brand-new Lenovo ThinkPad X1 Carbon Gen 11 when you order through Lenovo.

Read more
Runway brings precise camera controls to AI videos
Gen-3 alpha advanced camera controls

Content creators will have more control over the look and feel of their AI-generated videos thanks to a new feature set coming to Runway's Gen-3 Alpha model.

Advanced Camera Control is rolling out on Gen-3 Alpha Turbo starting today, the company announced via a post on X (formerly Twitter).

Read more
Score the Dell XPS 15 for less than $1,000 during this sale
Dell XPS 15 9520 front view showing display and keyboard deck.

If you’ve been looking for laptop deals but feel disappointed with the results of your research, we know the pain. Searching for a new PC can take months, especially if you’ve got the time and energy to vet through numerous brands and models. Fortunately, there are a few tried and true PC names, one of which happens to be Dell. We see Dell laptop deals pretty regularly, but this one stopped us in our tracks:

Right now, when you order the Dell XPS 15 Laptop through the manufacturer, you’ll save $300. At full price, this model sells for $1,300.

Read more