http://money.msn.com/business-news/article.aspx?feed=OBR&date=20140731&id=17821156
July 31, 2014
Reporting by Jim Finkle in Boston. Additional reporting by Michael Gold in Taipei; Editing by Richard Valdmanis and Richard Chang
USB devices such as mice, keyboards and thumb-drives can be used to hack into personal computers in a potential new class of attacks that evade all known security protections, a top computer researcher revealed on Thursday.
Karsten Nohl, chief scientist with Berlin's SR Labs, noted that hackers could load malicious software onto tiny, low-cost computer chips that control functions of USB devices but which have no built-in shields against tampering with their code.
"You cannot tell where the virus came from. It is almost like a magic trick," said Nohl, whose research firm is known for uncovering major flaws in mobile phone technology.
•••••
Once a computer is infected, it could be programmed to infect all USB devices that are subsequently attached to that PC, which would then corrupt machines that they contact.
"Now all of your USB devices are infected. It becomes self-propagating and extremely persistent," Nohl said. "You can never remove it."
-----
"The manufacturer should make it much harder to change the software that runs on a USB stick," Paar said.
No comments:
Post a Comment