Skip to main content

Uh oh, the humble USB has a serious security problem

So sinister, you won't even know it's there
Audio player loading…

Ah, the USB. The framework holding our digital lives together. The one we can always rely on. And no matter how many times we pull you out without ejecting first, you still work anyway. USB, we love you.

But the USB could also become a weapon of mass digital destruction. According to Wired, security researchers have reverse engineered the firmware that controls basic USB functions.

But even worse, they've written a piece of malware called BadUSB that can be put onto a USB and "completely take over a PC, invisibly alter files installed from the memory stick, or even redirect the user's internet traffic." That doesn't sound too good to us.

Hidden in plain sight

Because the malware is actually hidden in the firmware, be it on a thumb drive or a keyboard, it's very, very difficult to delete. "You can give it you your IT security people, they scan it, delete some files, and give it back to you telling you it's 'clean'," said security researcher Karsten Nohl.

"The cleaning process doesn't even touch the files we're talking about."

The pair of researchers will be demonstrating their findings at the Black Hat security conference in Las Vegas. But for now, you're best advised to not go sticking your USBs into any computers you don't trust.

Hugh Langley is the ex-News Editor of TechRadar. He had written for many magazines and websites including Business Insider, The Telegraph, IGN, Gizmodo, Entrepreneur Magazine, WIRED (UK), TrustedReviews, Business Insider Australia, Business Insider India, Business Insider Singapore, Wareable, The Ambient and more.

Hugh is now a correspondent at Business Insider covering Google and Alphabet, and has the unfortunate distinction of accidentally linking the TechRadar homepage to a rival publication.