Hackers can tap USB devices in new attacks, researcher warns
USB devices such as keyboards, thumb-drives and mice can be used to hack into personal computers in a potential new class of attacks that evade all known security protections, a top computer researcher has revealed.Karsten Nohl, chief scientist with Berlin’s SR Labs, noted that hackers could load malicious software onto tiny, low-cost computer chips that control functions of USB devices but which have no built-in shields against tampering with their code.
“You cannot tell where the virus came from. It is almost like a magic trick,” said Nohl, whose research firm is known for uncovering major flaws in mobile phone technology.
The finding shows that bugs in software used to run tiny electronics components that are invisible to the average computer user can be extremely dangerous when hackers figure out how to exploit them. Security researchers have increasingly turned their attention to uncovering such flaws.
Nohl said his firm has performed attacks by writing malicious code onto USB control chips used in thumb drives and smartphones. Once the USB device is attached to a computer, the malicious software can log keystrokes, spy on communications and destroy data, he said.
Computers do not detect the infections when tainted devices are inserted because anti-virus programs are only designed to scan for software written onto memory and do not scan the “firmware” that controls the functioning of those devices, he said.
Okay……interesting…..but what are we supposed to do about this? It seems to me that basic home computer users are being bombarded by these horrible, scary articles everyday! We all know to watch out for “common” things, such as phising, not to click on links in email, etc, etc……but…..this stuff is just is beyond scary! It’s just one more thing that the average computer user now has to worry about and most of us will ignore! Yes, we need to know that there are bad things that can happen, but if we have to worry about every thing like this, we may as well just stop using the computer and go back to rotary phones and forego the bank and hide our money under the mattress!
Now the battle really begins and I’m hoping Emisoft is up to the task. Protecting EVERYTHING is going to be quite the challenge. Sue’s got a few points. At least I’d get more peace and quiet without the cell phone. LOL
Lets all be thankful for all Cloudeight does to alert us and help us with understanding and locating help.
I admit this is scary for us small time users, but, we need to aware of it and hopefully Emisoft will come up with a solution???
Thanks for the info, don’t know what to do next, hook-up my old connection or keep using the wireless mouse and keyboard with it USB device???
So what are we suppose to do? Just be frightened all the time? This is just crazy. I have to agree with Sue.
OH–for crying out loud— what next ????