usbdriveby

 

A few months ago was discovered a worrying  vulnerability of standard USB  which does not seem to be repaired, called BadUSB. Until now such information was only theoretical and no one has developed a software which can uses this security hole, but a well-known hacker Samy Kamkar has managed to develop a hardware device called USBdriveby that can take control of any computer in just a few seconds. Once connected to a system, in this case is used to demonstrate a Mac, the small device acts as a keyboard and start writing commands which open the port on the network to use as a remote computer. In the video below you can see the whole process slow, but in reality everything happens so quickly that the user does not see what happened.

 

The final purpose is to connect to the server , who may send your computer “hijacked” remote commands. The process is so effective that disregards any firewalls or routers which in theory should protect networks such attacks. Basically, it creates a “tunnel” between the server and the infected computer directly, offering to hacker access to all the information on it, sending users to other addresses when accessing certain websites and can lead to installing of a keylogger obtaining accounts and passwords, credit cards or other private information.

 

The biggest problem with this type of hack is that you can not protect your device. Once a hacker has physical access to a computer and connect to the device, in just a few seconds can install the software, and the user may not even realize that, if not check some pretty advanced settings such as DNS and firewall.

Although the demonstration is performed on an Apple computer with Mac OS X installed, using proper commands, this hack can run on Windows or Linux in the same way. If the name sounds familiar, Samy Kamkar installed many years ago a virus worms on MySpace and developed SlyJack, a drone that can hijack control of other drones.