Share

Hackers can tap USB devices

Boston - USB devices such as keyboards, thumb-drives and mice could be used to hack into personal computers in a potential new class of attacks that evade all known security protections, a top computer researcher revealed on Thursday.

Karsten Nohl, chief scientist with Berlin's SR Labs, noted that hackers could load malicious software onto tiny, low-cost computer chips that control functions of USB devices but which have no built-in shields against tampering with their code.

Extremely dangerous

"You cannot tell where the virus came from. It is almost like a magic trick," said Nohl, whose research firm is known for uncovering major flaws in mobile phone technology.

The finding shows that bugs in software used to run tiny electronics components that are invisible to the average computer user can be extremely dangerous when hackers figure out how to exploit them. Security researchers have increasingly turned their attention to uncovering such flaws.

Nohl said his firm has performed attacks by writing malicious code onto USB control chips used in thumb drives and smartphones.

Once the USB device is attached to a computer, the malicious software can log keystrokes, spy on communications and destroy data, he said.

Attack methods

Computers do not detect the infections when tainted devices are inserted because anti-virus programmes are only designed to scan for software written onto memory and do not scan the "firmware" that controls the functioning of those devices.

Nohl and Jakob Lell, a security researcher at SR Labs, will describe their attack method at next week's Black Hat hacking conference in Las Vegas.

Thousands of security professionals gather at the annual conference to hear about the latest hacking techniques, including ones that threaten the security of business computers, consumer electronics and critical infrastructure.

We live in a world where facts and fiction get blurred
Who we choose to trust can have a profound impact on our lives. Join thousands of devoted South Africans who look to News24 to bring them news they can trust every day. As we celebrate 25 years, become a News24 subscriber as we strive to keep you informed, inspired and empowered.
Join News24 today
heading
description
username
Show Comments ()
Rand - Dollar
18.99
-0.3%
Rand - Pound
24.07
+0.2%
Rand - Euro
20.58
+0.0%
Rand - Aus dollar
12.36
+0.5%
Rand - Yen
0.13
+0.7%
Platinum
902.95
+0.1%
Palladium
998.75
-0.7%
Gold
2,153.42
-0.3%
Silver
24.92
-0.5%
Brent Crude
86.89
+1.8%
Top 40
65,837
-0.6%
All Share
72,075
-0.5%
Resource 10
53,082
-0.4%
Industrial 25
99,417
-1.1%
Financial 15
16,638
+0.1%
All JSE data delayed by at least 15 minutes Iress logo
Company Snapshot
Editorial feedback and complaints

Contact the public editor with feedback for our journalists, complaints, queries or suggestions about articles on News24.

LEARN MORE
Government tenders

Find public sector tender opportunities in South Africa here.

Government tenders
This portal provides access to information on all tenders made by all public sector organisations in all spheres of government.
Browse tenders