Research Finds That All USB Devices Can Be Used For Data Theft

Can your USB keyboard and mouse be trusted? Can anything that you plug into your USB port be trusted? In a word, no. It's something we all should have known by now, but the truth is finally coming out thanks to some new research on the matter. Security experts have known forever that USB flash drives and hard drives could contain malware and other viruses, but now we're learning that even strange USB peripherals such as coffee cup warmers and reading lights could also transmit harmful data.

Basically, the new research confirms that modified USB devices could be swapped without the knowledge of the end-user, and that modified device could be coded to steal data or otherwise compromise a computer. If you have a specific model of keyboard, for example, and a hacker replaces that with a hacked keyboard of the same model, your PC wouldn't immediately know the difference. This would allow the hacked keyboard to issue compromising commands to the host computer in order to accomplish data theft or implement other exploits.

As many experts have noted, this research opens up a new can of worms. Will this mean that all USB devices used by major companies will now need some other sort of protection? When think about how easy it is to swap a USB mouse or keyboard (among other things), you quickly realize just how easy it would be to compromise almost anything. Yikes.

Via:  New Scientist
Show comments blog comments powered by Disqus