Could a BadUSB device install actual malware (disguised as the drivers) on your computer? I thought that Windows and Mac required all drivers to be digitally signed, though? Obviously, a BadUSB device could impersonate a keyboard and use keyboard shortcuts to do things, but wouldn't the user notice, though, and be able to unplug the USB device before it's too late?

genealogyxie

2 Answers

Hello there genealogy!

A bad USB is able to download files hosted on a website. A very common thing for pen testers to do is to upload a file (most commonly a shell, exe or malware of some sort) to a directory of a website that, with the help of a script that the USB will run, will make the computer download said file.

Yes, the owner of the device can actually see when the bad USB starts doing its thing and disconnect it, but that is when other skillsets enter into play, like social engineering.

Hope this helped!

Ace
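
Whether a user can react in time has a measurable side for defenders: keystrokes injected by a device posing as a keyboard arrive far faster than a person types. The sketch below is an added example, not part of either answer or of any tool mentioned on this page; the log format, device names and thresholds are assumptions, and the sample events are constructed.

```python
from statistics import median

# Assumed thresholds; tune per environment. Ten consecutive keys with a
# median gap under 20 ms are treated as scripted rather than typed input.
MAX_HUMAN_INTERVAL_S = 0.020
MIN_BURST_KEYS = 10

def parse(log_text):
    """Yield (timestamp, device, event) from '<seconds> <device> <event>' lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) == 3:
            yield float(parts[0]), parts[1], parts[2]

def scripted_bursts(log_text):
    """Map device -> seconds between attach and its first scripted-looking burst."""
    attached, keys = {}, {}
    for ts, dev, event in parse(log_text):
        if event == "attach":
            attached[dev], keys[dev] = ts, []
        elif event == "key" and dev in attached:
            keys[dev].append(ts)
    found = {}
    for dev, stamps in keys.items():
        # Slide a fixed-size window over the keystrokes of each device.
        for i in range(len(stamps) - MIN_BURST_KEYS + 1):
            window = stamps[i:i + MIN_BURST_KEYS]
            gaps = [b - a for a, b in zip(window, window[1:])]
            if median(gaps) < MAX_HUMAN_INTERVAL_S:
                found[dev] = round(window[0] - attached[dev], 3)
                break
    return found

def make_log(dev, attach_ts, first_key_delay, gap, count):
    """Build constructed log lines for one device (hypothetical helper)."""
    lines = [f"{attach_ts:.3f} {dev} attach"]
    lines += [f"{attach_ts + first_key_delay + i * gap:.3f} {dev} key"
              for i in range(count)]
    return "\n".join(lines)

# Constructed sample: kbd-A types at a human pace, kbd-B sends 40 keys 5 ms apart.
SAMPLE_LOG = "\n".join([
    make_log("kbd-A", 0.0, 3.0, 0.180, 15),
    make_log("kbd-B", 10.0, 0.8, 0.005, 40),
])

if __name__ == "__main__":
    print(scripted_bursts(SAMPLE_LOG))
```

In the constructed data the 40 keystrokes from kbd-B complete in about 0.2 seconds, which is why automated timing checks are more dependable than expecting someone to pull the plug.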

In fact, a BadUSB device apparently can directly load malware stored on it to a host it is plugged into. This issue of Bruce Schneier's blog, "The Fundamental Insecurity of USB", has references and a capsule summary. He later reports publication of the code for the exploit here: "BadUSB Code Has Been Published".

Schneier describes the problem as an "unpatchable USB vulnerability".

Cris P
  • But if that were the case, then why did Stuxnet require exploiting four different zero days and it only worked on Windows machines? Why not just use this? – genealogyxie Sep 21 '16 at 03:35