On Thu, Jul 31, 2014 at 11:46 AM, Jerry Leichter <leichter@lrw.com> wrote:

http://arstechnica.com/security/2014/07/this-thumbdrive-hacks-computers-badu... The full talk/paper don't seem to be available yet, but they (a) figured out how to write malware that attacks a system via something plugged into its USB port (no, it doesn't depend on AUTORUN); (b) flipped that around and figured out how to replace the firmware on a USB device from the host. I wouldn't have thought (b) was possible - after all, how many firmware updates for USB devices have you ever seen? - but I guess it's handy at the end of manufacturing, and gets left open because ... who would ever think of attacking it?

On further reflection, though, I realized that the only thing new here is that they actually went and built a full-cycle virus. All the rest was done a couple of years ago: Apple published an update for its (USB) keyboards - http://support.apple.com/kb/HT4010 - and someone reverse-engineered it and figured out how to upload any code they liked - https://www.blackhat.com/presentations/bh-usa-09/CHEN/BHUSA09-Chen-RevAppleF...

The fun never ends....

Just like BIOS/HDD firmware APT's, the updateability of firmware on USB controllers is nothing new... even thumbdrives come with firmware 'deleted' or fast formatted off their media, dd(1)... it just took a while to make it fun for the entire family. flashboot.ru phison.com usb mass production tool BadUSB BadBIOS spritesmods.com hddhack