Thunderbolt, FireWire, and ExpressCard (and variants) are all vulnerable to DMA attacks.
Just because there has been an exploit discovered for USB does not make them any more secure.
I'm going back to only using a pen and paper from now on.
I don't get it: does the "virus" reside on the USB device (such as a flash drive, external HDD or charger) or does it get copied into the computer's USB firmware? So if someone plugs an infected USB device into a computer, does removing the device remove the virus?
Basically it works this way:
1. A tampered USB disk contains an invisible drive with a virus inside, and the virus enters the system. Trying to clean the USB disk does not remove the virus or the hidden drive
2. A tampered USB disk declares itself as a keyboard and/or a mouse to the OS, it then sends commands to the OS as if it were you
3. A combination of 1 and 2 where 2 instructs the OS to load a program in 1
4. A USB disk declares itself as a network interface and the OS elects it as the main network interface, then all traffic is logged and redirected to the main network interface, possibly injecting packets
A good OS (Linux, for example) prevents 1; 2 will appear on your screen and, if you do not run as administrator, even injected commands cannot do much harm; and 4 may be disabled if the OS does not automatically add network interfaces and give them the capability to set DNS or to divert traffic
It seems that, as always, spreading viruses and the like needs some sort of cooperation from the OS and/or the user...
And I would be much more worried by firmware in SSDs, which can inject malware inside files, and backdoors inside microprocessors
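Cases 2 and 4 in the list above both come down to a device declaring interface classes beyond mass storage when it enumerates. The following is an added example, not part of the original comments: it walks a USB configuration descriptor and names every declared interface class a flash drive should not have. The function names and the sample descriptors are constructed for illustration.

```python
import struct

DT_INTERFACE = 0x04  # bDescriptorType of an interface descriptor
# bInterfaceClass codes for the device roles named in the list above
CLASS_NAMES = {0x02: "CDC-communications", 0x03: "HID",
               0x08: "mass-storage", 0x0A: "CDC-data"}

def interface_classes(blob: bytes) -> list:
    """Walk a chain of USB descriptors and return each interface's class code."""
    classes, pos = [], 0
    while pos < len(blob):
        if pos + 2 > len(blob):
            raise ValueError(f"truncated descriptor header at offset {pos}")
        length, dtype = blob[pos], blob[pos + 1]
        if length < 2 or pos + length > len(blob):
            raise ValueError(f"malformed descriptor at offset {pos}")
        if dtype == DT_INTERFACE:
            if length < 9:
                raise ValueError(f"short interface descriptor at offset {pos}")
            if blob[pos + 3] == 0:             # count alternate setting 0 only
                classes.append(blob[pos + 5])  # bInterfaceClass
        pos += length  # endpoint, HID and class-specific descriptors are skipped
    return classes

def unexpected_interfaces(blob: bytes, expected=frozenset({0x08})) -> list:
    """Name every interface class the device declares beyond the expected set."""
    extra = sorted(set(interface_classes(blob)) - expected)
    return [CLASS_NAMES.get(c, f"class-0x{c:02x}") for c in extra]

# --- constructed sample descriptors (not captured from real hardware) ---
def _config(n_ifaces, body):
    return struct.pack("<BBHBBBBB", 9, 0x02, 9 + len(body), n_ifaces, 1, 0, 0x80, 50) + body

def _iface(num, cls, sub, proto, n_eps):
    return bytes([9, DT_INTERFACE, num, 0, n_eps, cls, sub, proto, 0])

def _ep(addr, attrs):
    return struct.pack("<BBBBHB", 7, 0x05, addr, attrs, 64, 1)

_STORAGE = _iface(0, 0x08, 0x06, 0x50, 2) + _ep(0x81, 2) + _ep(0x02, 2)
_HID_DESC = struct.pack("<BBHBBBH", 9, 0x21, 0x0111, 0, 1, 0x22, 63)
PLAIN_STICK = _config(1, _STORAGE)
STICK_PLUS_KEYBOARD = _config(2, _STORAGE + _iface(1, 0x03, 0x01, 0x01, 1) + _HID_DESC + _ep(0x83, 3))
STICK_PLUS_NIC = _config(3, _STORAGE + _iface(1, 0x02, 0x06, 0x00, 1) + _ep(0x84, 3)
                         + _iface(2, 0x0A, 0x00, 0x00, 2) + _ep(0x85, 2) + _ep(0x06, 2))

if __name__ == "__main__":
    for name in ("PLAIN_STICK", "STICK_PLUS_KEYBOARD", "STICK_PLUS_NIC"):
        print(name, unexpected_interfaces(globals()[name]) or "nothing unexpected")
```

On Linux the raw bytes for a connected device can be read from its sysfs `descriptors` attribute. The check only sees what the firmware declares at enumeration, so it does not cover case 1 (a hidden drive) or a device that presents nothing but a keyboard.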
Isn't this attack one of the projects outed by Edward Snowden? Sounds like something that NSA would cook up at least.
Penetration-testing companies either randomly mail USB-sticks with malware to employees of their client or they "accidentally" lose a couple of them at the bus-station or the car-park in vicinity of the corporate building.
People usually try and see what's on the device and plug it in - bang, the malware infects the mark and installs a remote administration tool (RAT) that allows the pen-tester to control the PC of the employee.
I know of a case where one of the mailed USB-sticks (sent from a fake address) didn't reach the intended target and was routed to the central post office. The letter was opened and the post-office employee - charged with the task to find clues as to the sender of the letter - dutifully inserted the USB-stick in his PC.
Suddenly, the pen-testers found themselves browsing the PC of an employee of a company they didn't have a contract with....
I think it would be pretty naive at this point to believe that certain 3-letter acronym government agencies and/or their 3rd-party contractors who develop software for them didn't get the idea (firmware is the trojan) earlier.
Just use the same kind of restrictions you use personally and not let someone stick something in any of your ports or slots unless you want them to and know they are clean.
"I'm going back to only using a pen and paper from now on."
Oh, you think that pen is safe?
Interesting to say the least.
I wonder how many more "flaws" will come to light, and how many of them will be ascribed to sinister motives, e.g., the NSA.
Just use the same kind of restrictions you use personally and not let someone stick something in any of your ports or slots unless you want them to and know they are clean.
Gee, thanks "researchers" for REVEALING to all the criminals out there a good way to screw people's devices up. I mean researching vulnerabilities is all fine and good, but they shouldn't be announced to the general public until a FIX is available. Otherwise, they're only helping the "bad guys". Here, it's made clear there is no possible fix in sight and therefore shouting it to the world helps no one and may hurt many.
The military has actually banned USB devices for years now. I believe the ban started 4-5 years ago. There was some incident involving Chinese hackers, if I recall correctly.
Probably not a big risk for your average person. Just don't use random people's thumb drives.
So, I'm guessing that this virus attack primarily hits the Windows platform? Or are Macs actually affected in a big way with this one?
All my drives are used in-house by me and only me, so I think I'm safe. Hopefully.