On the 7th of August 2014 at the Black Hat 2014, German security firm Security Research (SR) Labs revealed one of the first USB vulnerabilities known as BadUSB where this malware is designed to attack the device itself instead of the data on the device.
This means that this malware is capable of reprogramming the entire USB where this infected device now can be malicious in many ways:
- A device can emulate a keyboard and issue commands on behalf of the logged-in user, for example, to exfiltrate files or install malware. Such malware, in turn, can infect the controller chips of other USB devices connected to the computer.
- The device can also spoof a network card and change the computer’s DNS setting to redirect traffic.
- A modified thumb drive or external hard disk can – when it detects that the computer is starting up – boot a small virus, which infects the computer’s operating system prior to boot.
Taken from SR Labs official blog
Why we are not affected?
Securemetric has always been following the best practice of updating the firmware.
This means that not only firmware updating of our tokens and dongles are done in a controlled manner. Our firmware update process is also protected with an encryption key that eliminates access from any unauthorized person.
Any tampering of information during the firmware update process will be detected during our cryptographic operations.
Therefore, we are confident to announce that our PKI Token and Dongle products are not affected by this attack.
If you have any questions regarding this, do contact us.