Be careful about your USB devices

A flaw has been found in the design of the USB specification that you need to be aware of. The Victor crew would like you know more about this flaw. It could be found in any USB device you plug into your PC: mice, keyboards, thumb drives, external hard drives, printers, etc.

USB manufacturers do not protect the firmware in their devices so it makes it possible for malware to overwrite the firmware and take control. They can be reprogrammed to steal the contents of anything written to the drive and then in turn spread the malware to other PCs.

Some ways the malware can affect your PC are infecting at boot state before antivirus programs have started, it can emulate a keyboard command, pretend to be a network card, according to Karsten Nohl and Jakob Lell at Security Research Labs. They are presenting these findings at the Black Hat USA 2014 in Las Vegas.

Unfortunately, there isn’t much we can do. We need to be careful of what we are plugging into our PCs and careful of where we are plugging our devices. Do not plug a thumb drive in a public PC and then plug into your own PC.