USB Chip Exploited to Steal Data and Hijack Computers

USB (Universal Serial Bus) is a standard method for connecting devices and data transfer.

It is a well known fact that sometimes USB devices infect your computer with deadly viruses. Good thing is that now most people know about it, and use an anti-virus software to detect the malware and viruses hidden inside a USB along with data.

hacker
But what if the malware is embedded inside the firmware of USB? obviously no antivirus program has the ability to scan the “chip” of a USB drive. So it means that a manipulated USB can infect your computer, without your knowledge; making it a greater security risk than previously believed.

At the Black Hat Hackers conference in Las Vegas, researchers from the Berlin data security company “Security Research Labs” have demonstrated that how easy it is to remotely control a computer with the help of a USB device, and the horror scenario is that the user will never know about this.

The malware is hidden inside the firmware of device. The firmware contains the information about the function of a USB. It tells the computer that if the USB plugged in by the user is a storage device, keyboard, camera, network card or a mobile phone etc.

So if the firmware of a USB has been manipulated it can fool the computer system to think of itself as a keyboard and log all the keystrokes, including your passwords and personal information. In another scenario, it can disguise itself as a network card and copy all your data traffic and send it to hackers without your notice.

Both of these scenarios were demoed at the Black Hat Hackers conference and there is a significant number of manipulation options which makes things so horrible.

The security experts have demanded to upgrade the USB standard with additional capabilities for security. Unfortunately, at present there is no way to protect yourself against this kind of data theft, other than stop using all kind of USB devices.


  • Muhammad Ashraf

    These Days cheap usb drives are being sold in market which is produced by Chinese companies; those drives are not good in quality and risk of potential malicious software is highly exists as these companies do not have strict quality control.

  • Muhammad Aamir

    It is clear that the next generation laptops,smart phones and desktops etc will be built in this type of technology and their data perhaps will be transferred to the NSA, CIA agencies etc. Simply, no one is safe in this ruthless world!

  • Muhammad Ashraf

    NSA involvement can’t be ruled out in inserting malicious software
    into firmware of USB by intercepting the product from various stages of supply
    chain or they may have special unit for distribution of infected USB into mass market
    in order to perform mass scale surveillance. Recent reports from former NSA contractor revealed that NSA has an organized setup for intercepting the supply of laptops during transit in order to perform modification or adding spyware into target’s
    PC before delivery to intended recipient.

  • Ahmad Raza

    our privacy has already been breached by various things like Facebook, twitter skype our mails and every thing, all our communications are watched so it dosen’t bother me now :)

    • Muhammad Aamir

      That’s why! I say nothing is safe in this ruthless world..!!

  • Ali Asghar

    Brilliant post this is, and would like to see more information like this to bring awareness among us…welldone Author!

  • Yasir Mahmood

    Excellent ideas

  • Awais

    If you and I are aware of this, so would be Microsoft, I’m sure there’ll be a windows update soon to overcome this issue ASAP.

  • Afzal Ahmad

    hi, ram and usb contains chips but why ram is temporary memory and usb temporary memory? answered me