Have you heard BADUSB?
Yes it is true. There is a BADUSB. Means BAD and EVIL. Here's why?
What is BADUSB?
According to Blackhat Security demonstration, when you plug the BADUSB in any system, it act like usb keyboard, network card, camera. Its damn cool right? BADUSB contains malicious code that runs based on firmware. Antivirus cannot even detect this malicious code. If you plug this usb to any system, malicious firmware code talk to any system and tells sample like this:
Firmware Running Code step 1 trigger
BADUSB: "hi system, I am usb keyboard? Can I type somethin?"
SYSTEM: "sure why not?" but first I have to check a standard driver for you, and you can do whatever you want to do. Ok now, you are good to go.
BADUSB: "Ok Copy that". (now malicious firmware base running code start to)
{01010101Scanning System..Scanning keystroke..
Search 01P0A1S0S1W0O1R0D10..Search 0CREDIT1CARD0
Matching Profile..
Saving Profile...done..1010101}
Firmware Running Code step 2 trigger
BADUSB: "hi system, I am usb network card now? Can I talk to this host destination?"
SYSTEM: "really?" "are you kiddin me?" "Ok, but first I have to scan my system and check a standard driver for you, and you can do whatever you want to do. Ok now, you are good to go.
BADUSB: "Ok Copy that". (now malicious firmware base running code start to)
01010101..Scanning Gateway..DNS...Send Profile.....1010101
Yes it is true. There is a BADUSB. Means BAD and EVIL. Here's why?
What is BADUSB?
According to Blackhat Security demonstration, when you plug the BADUSB in any system, it act like usb keyboard, network card, camera. Its damn cool right? BADUSB contains malicious code that runs based on firmware. Antivirus cannot even detect this malicious code. If you plug this usb to any system, malicious firmware code talk to any system and tells sample like this:
Firmware Running Code step 1 trigger
BADUSB: "hi system, I am usb keyboard? Can I type somethin?"
SYSTEM: "sure why not?" but first I have to check a standard driver for you, and you can do whatever you want to do. Ok now, you are good to go.
BADUSB: "Ok Copy that". (now malicious firmware base running code start to)
{01010101Scanning System..Scanning keystroke..
Search 01P0A1S0S1W0O1R0D10..Search 0CREDIT1CARD0
Matching Profile..
Saving Profile...done..1010101}
Firmware Running Code step 2 trigger
BADUSB: "hi system, I am usb network card now? Can I talk to this host destination?"
SYSTEM: "really?" "are you kiddin me?" "Ok, but first I have to scan my system and check a standard driver for you, and you can do whatever you want to do. Ok now, you are good to go.
BADUSB: "Ok Copy that". (now malicious firmware base running code start to)
01010101..Scanning Gateway..DNS...Send Profile.....1010101
to be continue... i will not tell you what really happen..to this profile :)
This my imagination only "IF" I have this malicious firmware source code..
Check the real story here below about what can BADUSB can really do..
Sources
tELL mE what Your ThInkin now? ;)
This my imagination only "IF" I have this malicious firmware source code..
Check the real story here below about what can BADUSB can really do..
Sources
tELL mE what Your ThInkin now? ;)
No comments:
Post a Comment