Watch your USBs: Ahoy, USBHarpoon!

You would be hard pressed to find a person who has not in the least seen a USB. Most people have probably used a USB with their phones, to charge an accessory, attach a printer to a laptop, transfer a file, or any other various activities with these. As the users take these and use them for their specific use, in nearly all of the cases the USB is generally fine and creates no issues. The USB works as expected.

Unpleasant Ends

Researchers decided to see what else could be done with these. To meet the challenge the researchers created a modified USB with an unpleasant surprise for the user. In short, this is a programmable USB. This is normally not experienced with a USB. The modified USB appears in every form, just like any other simple USB.

The user receives the USB. The user may have been given this, by someone with a misguided sense of humor, may have found this on the ground, or given away by a vendor who purchased this from another vendor in a batch. The user unlocks their computer and plugs the USB into their computer. The user’s excitement, unbeknownst to them, ends after a few seconds.

Operations

Once the adulterated USB is plugged in, the USB goes into action. This is coded to type and launch commands for its malware payload. The SUB inputs these commands automatically. On a Windows machine, the malware runs from the Run prompt. On a Mac or Linux machine, these are run from a terminal.

This malware is built on the BadUSB prior research and implementation. This is done via reprogramming the controller on the chip on the USB. In theory, this could be coded to complete very detrimental tasks to the user’s computer.

The important lesson, in this case, is not to plug just any USB into your computer. These USBs are not the ones purchased from the local office supply store. These have been purchased, removed from their packaging, modified and passed onto the unsuspecting user. Users shouldn't have to plug any USB into their computer, and only use ones that you are completely confident with.

Resources

Ilascu, I. (2018, August 20). USBHarpoon is a BadUSB attack with a twist. Retrieved from https://www.bleepingcomputer.com/news/security/usbharpoon-is-a-badusb-attack-with-a-twist/ Threat Brief. (2018, August 21). USBHarpoon is a BadUSB attack with a twist. Retrieved from https://threatbrief.com/usbharpoon-is-a-badusb-attack-with-a-twist/

Yiu, V. (2018). USBHarpoon. Retrieved from https://vincentyiu.co.uk/usbharpoon/

About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.

Check back soon

Once posts are published, you’ll see them here.

Cybersecurity and Medical Devices

Cybersecurity and Linux SSH Servers

Cybersecurity and the Auto Industry

Cybersecurity and the Energy Sector

Cybersecurity and Costs

Cybersecurity and Electronic Health Records

Cybersecurity and IoMT

Cybersecurity and Obscurity

Cybersecurity and New Devices and Old Problems

Cybersecurity and the Diversity of Data

No tags yet.

Watch your USBs: Ahoy, USBHarpoon!

Featured Posts

Recent Posts

Archive

Search By Tags

Follow Us