HOME

TheInfoList



Click Here for Items Related To - BadUSB
OR:
BadUSB on:   [Wikipedia]   [Google]   [Amazon]

BadUSB is a
computer security Computer security (also cybersecurity, digital security, or information technology (IT) security) is a subdiscipline within the field of information security. It consists of the protection of computer software, systems and computer network, n ...
attack using
USB Universal Serial Bus (USB) is an industry standard, developed by USB Implementers Forum (USB-IF), for digital data transmission and power delivery between many types of electronics. It specifies the architecture, in particular the physical ...
devices that are programmed with malicious software. For example,
USB flash drives A flash drive (also thumb drive, memory stick, and pen drive/pendrive) is a data storage device that includes flash memory with an integrated USB interface. A typical USB drive is removable, rewritable, and smaller than an optical disc, and ...
can contain a programmable
Intel 8051 The Intel MCS-51 (commonly termed 8051) is a single-chip microcontroller (MCU) series developed by Intel in 1980 for use in embedded systems. The architect of the Intel MCS-51 instruction set was John H. Wharton.. Intel's original versions w ...
microcontroller, which can be reprogrammed, turning a USB flash drive into a malicious device. This attack works by programming the fake USB flash drive to emulate a keyboard. Once it is plugged into a computer, it is automatically recognized and allowed to interact with the computer. It can then initiate a series of keystrokes which open a command window and issue commands to download malware. The BadUSB attack was first revealed during a Black Hat talk in 2014 by Karsten Nohl, Sascha Krißler and Jakob Lell. Two months after the talk, other researchers published code that can be used to exploit the vulnerability. In 2017, version 1.0 of the USG dongle, which acts like a hardware firewall, was released, which is designed to prevent BadUSB style attacks.


Criminal usage

In March 2020, the
FBI The Federal Bureau of Investigation (FBI) is the domestic Intelligence agency, intelligence and Security agency, security service of the United States and Federal law enforcement in the United States, its principal federal law enforcement ag ...
issued a warning that members of the FIN7 cybercrime group had been targeting companies in the retail, restaurant, and hotel industries with BadUSB attacks designed to deliver REvil or BlackMatter
ransomware Ransomware is a type of malware that Encryption, encrypts the victim's personal data until a ransom is paid. Difficult-to-trace Digital currency, digital currencies such as paysafecard or Bitcoin and other cryptocurrency, cryptocurrencies are com ...
. Packages have been sent to employees in IT,
executive management Senior management, executive management, or upper management is an occupation at the highest level of management of an organization, performed by individuals who have the day-to-day tasks of managing the organization, sometimes a company or a cor ...
, and
human resources Human resources (HR) is the set of people who make up the workforce of an organization, business sector, industry, or economy. A narrower concept is human capital, the knowledge and skills which the individuals command. Similar terms include ' ...
departments. One intended target was sent a package in the mail which contained a fake
gift card A gift card, also known as a gift certificate in North America, or gift voucher or gift token in the UK, is a prepaid stored-value card, stored-value money card, usually issued by a retailer or bank, to be used as an alternative to cash for pu ...
from
Best Buy Best Buy Co., Inc. is an American multinational consumer electronics retailer headquartered in Richfield, Minnesota. Originally founded by Richard M. Schulze and James Wheeler in 1966 as an audio specialty store called Sound of Music, it was r ...
as well as a USB flash drive with a letter stating that the recipient should plug the drive into their computer to access a list of items that could be purchased with the gift card. When tested, the USB drive emulated a keyboard, and then initiated a series of keystrokes which opened a
PowerShell PowerShell is a shell program developed by Microsoft for task automation and configuration management. As is typical for a shell, it provides a command-line interpreter for interactive use and a script interpreter for automation via a langu ...
window and issued commands to download malware to the test computer, and then contacted servers in
Russia Russia, or the Russian Federation, is a country spanning Eastern Europe and North Asia. It is the list of countries and dependencies by area, largest country in the world, and extends across Time in Russia, eleven time zones, sharing Borders ...
. In January 2022, the FBI issued another warning that members of FIN7 were targeting transportation and insurance companies (since August 2021), and defense companies (since November 2021), with BadUSB attacks designed to deliver REvil or BlackMatter ransomware. These targets were sent USB drives in packages claiming to be from
Amazon Amazon most often refers to: * Amazon River, in South America * Amazon rainforest, a rainforest covering most of the Amazon basin * Amazon (company), an American multinational technology company * Amazons, a tribe of female warriors in Greek myth ...
or the
United States Department of Health and Human Services The United States Department of Health and Human Services (HHS) is a cabinet-level executive branch department of the US federal government created to protect the health of the US people and providing essential human services. Its motto is ...
, with letters talking about free gift cards or COVID-19 protocols that were purportedly further explained by information on the USB drive. As above, when plugged in, the USB drives emulate a keyboard, and then initiate a series of keystrokes which open a PowerShell window and issue commands to download malware.


See also

* Juice jacking


Further reading

*


References


Further reading

* {{USB USB Computer security exploits