German security researchers have demonstrated how they could take over Linux and Windows PCs by manipulating the firmware of USB drives. On Linux the researchers require administrator rights which they acquired through a vulnerability in the screensaver. The hack was demonstrated on the the hackers conference Black Hat.
Earlier the researchers already announced they found a critical security vulnerability in USB. By manipulating the firmware of USB drives (Bad USB hack) it was possible to infect other USB devices and e.g monitor network traffic, keystrokes, steal banking information etc. etc.
The trick doesn’t only work on Windows PCs but also on computers running Linux, the german security researchers demonstrated. The malware acquires administrator rights by displaying the screensaver and intercepting the password with a ‘password stealer’ when the user types. With administrator rights, the infected USB device gains access to other USB drives.
To protect computers, the researchers recommend whitelisting USB devices to protect the system against Bad USB. Also antivirus software needs to scan the firmware of USB devices to detect infections. A definitive solution is to make it impossible to update the firmware of USB hardware with the disadvantage that bugs can no longer be patched.
The same researchers also remotely hacked the software of sim cards which allowed them to intercept messages and phone calls. They also hacked the encryption used to secure GSM phone calls and the protection of chips on cards used for electronic payments.